NetSarang Xmanager 5 Backdoor Trojan (ShadowPad)
Critical Nessus Plugin ID 102712
SynopsisThe remote host contains an application that is affected by a trojan backdoor.
DescriptionThe Xmanager 5, an X server for Windows, installed on the remote host has a nssock2.dll file identified by its MD5 hash that is infected with a trojan backdoor.
The affected file includes an encrypted payload that could be remotely activated by a knowledgeable attacker.
SolutionUpgrade to Xshell 5 Build 1326 or later.