 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.51680 |
| Category: | Backdoors |
| Title: | Linux.Ramen.Worm Detect |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host appears to be infected with the Ramen worm. This worm attacks your system via unpatched versions of rpc.statd, wuftpd and LPRng. Once infected, it patches the holes it exploited, and opens a webserver on port 27374 to allow itself to be distributed further. Default installs of RedHat 6.2 and 7.0 are susceptible to this worm. ***WARNING: We did not attempt to communicate with the worm, only verified that the port normally used by it was open. It is possible that you may be running a different service on this port, in which case this test is a false positive. Solution: Use an Anti-Virus package to remove it. http://securityresponse.symantec.com/avcenter/venc/data/linux.ramen.worm.html Risk factor : Critical |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |