Trin00 for Windows Trojan Detection

critical Nessus Plugin ID 10307

Synopsis

The remote service is a malicious backdoor application.

Description

The remote host appears to be running Trin00 for Windows, a trojan that can be used to control your system or make it attack another network (this is actually called a distributed denial of service attack tool).

It is very likely that this host has been compromised.

Solution

Restore your system from backups and contact CERT as well as your local authorities.

See Also

https://staff.washington.edu/dittrich/misc/trinoo.analysis

Plugin Details

Severity: Critical

ID: 10307

File Name: win_trinoo.nasl

Version: 1.30

Type: remote

Family: Backdoors

Published: 2/28/2000

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ThoroughTests

Vulnerability Publication Date: 2/9/2000

Reference Information

CVE: CVE-2000-0138