Microsoft IE FRAME/IFRAME/EMBED Tag Overflow (Bofra Worm Detection)

Critical Nessus Plugin ID 15746

Synopsis

The remote host is infected with a worm.

Description

The remote host seems to have been infected with the Bofra worm or one of its variants, which infects machines via an Internet Explorer IFRAME exploit. It is very likely this system has been compromised.

Solution

Verify that the remote system has been compromised, and re-install if necessary.

See Also

http://www.nessus.org/u?15ea74a4

Plugin Details

Severity: Critical

ID: 15746

File Name: bofra_detect.nasl

Version: 1.22

Type: remote

Family: Backdoors

Published: 2004/11/17

Modified: 2018/10/30

Dependencies: 10107

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2004/10/25

Reference Information

CVE: CVE-2004-1050

BID: 11515