CDK Backdoor Detection

critical Nessus Plugin ID 10036

Synopsis

A backdoor is running on the remote host.

Description

The remote host appears to be running CDK, a backdoor that can be used to control your system. This suggests the host has been been compromised.

A remote attacker can control the system by connecting to this port and sending the password 'ypi0ca'.

Solution

Verify that the system has been compromised, and reinstall the operating system if necessary.

Plugin Details

Severity: Critical

ID: 10036

File Name: cdk.nasl

Version: Revision: 1.22

Type: remote

Family: Backdoors

Published: 2/20/2000

Updated: 10/21/2015

Supported Sensors: Nessus

Detections

Analytics