MS Executable Detection

critical Nessus Plugin ID 33950

Language:

Synopsis

The remote host may be compromised.

Description

This service is unknown to Nessus. It appears to send a Microsoft Windows executable when a connection to it is established. This may be evidence of some malware that are known to propagate in this manner.

Solution

Check the host and disinfect / reinstall it if necessary.

Plugin Details

Severity: Critical

ID: 33950

File Name: ms_exe_detect.nasl

Version: 1.11

Type: remote

Family: Service detection

Published: 8/20/2008

Updated: 11/22/2019

Asset Inventory: true

Supported Sensors: Nessus

Vulnerability Information

Excluded KB Items: global_settings/disable_service_discovery

Detections

Analytics