Shaft Trojan Detection

critical Nessus Plugin ID 10350

Synopsis

The remote host is infected by a Trojan horse.

Description

The remote host appears to be running Shaft, which is a trojan that can be used to control your system or make it attack another network (this is actually called a distributed denial of service attack tool).

It is very likely that this host has been compromised

Solution

Restore your system from backups, contact CERT and your local authorities.

Plugin Details

Severity: Critical

ID: 10350

File Name: shaft.nasl

Version: 1.28

Type: remote

Family: Backdoors

Published: 3/17/2000

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ThoroughTests

Vulnerability Publication Date: 2/9/2000

Reference Information

CVE: CVE-2000-0138

Detections

Analytics