NCASE Software Detection

high Nessus Plugin ID 12017

Synopsis

The remote host contains software that is considered spyware.

Description

The remote host is using the NCASE program. You should ensure that:\n
- the user intended to install NCASE (it is sometimes silently installed) - the use of NCASE matches your corporate mandates and security policies.

Running an anti-spyware application will typically remove this software.

Solution

NCASE is considered spyware, it should be uninstalled.

See Also

https://www.totaldefense.com/?id=453060842

Plugin Details

Severity: High

ID: 12017

File Name: ncase_detection.nasl

Version: 1.14

Type: local

Agent: windows

Family: Backdoors

Published: 1/15/2004

Updated: 2/1/2022

Asset Inventory: true

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated