NetSarang Xlpd 5 Backdoor Trojan (ShadowPad)
Critical Nessus Plugin ID 102710
SynopsisThe remote host contains an application that is affected by a trojan backdoor.
DescriptionThe Xlpd 5,a line printer daemon for Windows, installed on the remote host has a nssock2.dll file identified by its MD5 hash that is infected with a trojan backdoor.
The affected file includes an encrypted payload that could be remotely activated by a knowledgeable attacker.
SolutionUpgrade to Xshell 5 Build 1326 or later.