Synopsis
A successful shell attack was detected.
Description
The results of an unsuccessful attempt to change drives on a Windows machine occurred in a TCP session normally used for a standard service. This may indicate a successful compromise of this service has occurred.
Solution
The command activity observed is indicative of a possible compromise. Consider performing a full audit of the system to investigate further.
Plugin Details
Vulnerability Information
CPE: cpe:/o:microsoft:windows