Windows
Internet Information Services (IIS)
Microsoft SQL Server (MSSQL)
Windows Authentication
Internet Explorer (IE)
Windows Remote Access Services
Microsoft Data Access Components (MDAC)
Windows Scripting Host (WSH)
Microsoft Outlook Outlook Express
Windows Peer to Peer File Sharing (P2P)
Simple Network Management Protocol (SNMP)
Unix
BIND Domain Name System
Remote Procedure Calls (RPC)
Apache Web Server
General UNIX Authentication Accounts with No Passwords or Weak Passwords
Clear Text Services
Sendmail
Simple Network Management Protocol (SNMP)
Secure Shell (SSH)
Misconfiguration of Enterprise Services NIS/NFS
Open Secure Sockets Layer (SSL)
En esta web detallan cada una y lo que se puede hacer al respecto.
http://isc.sans.org/top20.html 