MyDoom Virus Backdoor Detection

critical Nessus Plugin ID 12029

Language:

Synopsis

The remote host has a suspicious application installed.

Description

The MyDoom backdoor is listening on this port. An attacker may connect to it to retrieve sensitive information, e.g. passwords or credit card numbers.

Solution

Use an antivirus package to remove it.

See Also

http://www.nessus.org/u?b9670fc4

http://www.nessus.org/u?8f14fece

http://www.nessus.org/u?00c06271

Plugin Details

Severity: Critical

ID: 12029

File Name: mydoom_virus.nasl

Version: 1.22

Type: remote

Family: Backdoors

Published: 1/27/2004

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C