Backdoors Trojan and Virus : Sasser Virus Detection

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.12219

Category: Backdoors

Title: Sasser Virus Detection

Summary: NOSUMMARY

Description: Description:

Synopsis :

The remote hos is infected by a virus.

Description :

The Sasser worm is infecting this host. Specifically,
a backdoored command server may be listening on port 9995 or 9996
and an ftp server (used to load malicious code) is listening on port
5554 or 1023. There is every indication that the host is currently
scanning and infecting other systems.

See also :

http://www.lurhq.com/sasser.html

Solution:

- Use an Anti-Virus package to remove it.
- See http://www.microsoft.com/technet/security/bulletin/ms04-011.asp

Risk factor :

Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)

Copyright Copyright (C) 2004 Tenable Network Security

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.12219
Category:	Backdoors
Title:	Sasser Virus Detection
Summary:	NOSUMMARY
Description:	Description: Synopsis : The remote hos is infected by a virus. Description : The Sasser worm is infecting this host. Specifically, a backdoored command server may be listening on port 9995 or 9996 and an ftp server (used to load malicious code) is listening on port 5554 or 1023. There is every indication that the host is currently scanning and infecting other systems. See also : http://www.lurhq.com/sasser.html Solution: - Use an Anti-Virus package to remove it. - See http://www.microsoft.com/technet/security/bulletin/ms04-011.asp Risk factor : Critical / CVSS Base Score : 10 (AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Copyright	Copyright (C) 2004 Tenable Network Security