|
Family: Backdoors --> Category: infos
Sasser Virus Detection Vulnerability Scan
Vulnerability Scan Summary Sasser Virus Detection
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote hos is infected by a virus.
Description :
The Sasser worm is infecting this host. Specifically,
a backdoored command server may be listening on port 9995 or 9996
and an ftp server (used to load malicious code) is listening on port
5554 or 1023. There is every indication that the host is currently
scanning and infecting other systems.
See also :
http://www.lurhq.com/sasser.html
Solution:
- Use an Anti-Virus package to remove it.
- See http://www.microsoft.com/technet/security/bulletin/ms04-011.asp
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|