Bugbear.B Worm Detection

critical Nessus Plugin ID 11733

Language:

Synopsis

The remote host may have been compromised.

Description

The BugBear.B backdoor appears to be listening on this port. An attacker may connect to it to retrieve secret information such as passwords, credit card numbers, etc.

The BugBear.B worm includes a keylogger and can kill antivirus and firewall software. It propagates through email and open Windows shares.

Solution

- Use an antivirus package to remove it.
- Close your Windows shares
- See http://www.symantec.com/avcenter/venc/data/[email protected]

Plugin Details

Severity: Critical

ID: 11733

File Name: bugbear_b_1080.nasl

Version: Revision: 1.12

Type: remote

Family: Backdoors

Published: 6/11/2003

Updated: 5/3/2013

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Detections

Analytics