SAHAGENT Detection

high Nessus Plugin ID 12000

Synopsis

A spyware is running on this host.

Description

The remote host is using the SAHAGENT program. You should ensure that :

- the user intended to install SAHAGENT (it is sometimes silently installed)
- the use of SAHAGENT matches your Corporate mandates and Security Policies.

To remove this sort of software, you may wish to check out ad-aware or spybot.

Solution

Uninstall this software.

See Also

http://www.nessus.org/u?c4a5407f

http://www.ca.com/securityadvisor/pest/pest.aspx?id=453076082

Plugin Details

Severity: High

ID: 12000

File Name: sahagent_detection.nasl

Version: 1.18

Type: local

Agent: windows

Family: Windows

Published: 1/15/2004

Updated: 2/1/2022

Asset Inventory: true

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: x-cpe:/a:sahagent:sahaget

Required KB Items: SMB/Registry/Enumerated