Unmanarc Remote Control Server (URCS) Detection

Critical Nessus Plugin ID 15405


The remote host may have been compromised.


This host appears to be running Unmanarc Remote Control Server (URCS). While it does have some legitimate uses, URCS may also have been installed silently as a backdoor, which may allow an intruder to gain remote access to files on the remote system. If this program was not installed for remote management, then it means the remote host has been compromised.

An attacker may use it to steal files, passwords, or redirect ports on the remote system to launch other attacks.


Reinstall the operating system and files from backup unless URCS is intended to be installed.

See Also




Plugin Details

Severity: Critical

ID: 15405

File Name: JM_urcs.nasl

Version: 1.20

Type: remote

Family: Backdoors

Published: 2004/10/01

Updated: 2018/11/15

Dependencies: 11153

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C