Conficker Worm Detection (uncredentialed check)

critical Nessus Plugin ID 36036

Synopsis

The remote host seems to be infected by a variant of the Conficker worm.

Description

The remote host seems to be infected by the Conficker worm. This worm has several capabilities which allow an attacker to execute arbitrary code on the remote operating system. The remote host might also be attempting to propagate the worm to third party hosts.

Solution

Update your Antivirus and perform a full scan of the remote operating system.

See Also

http://net.cs.uni-bonn.de/wg/cs/applications/containing-conficker/

https://support.microsoft.com/en-us/help/962007/virus-alert-about-the-win32-conficker-worm

http://www.nessus.org/u?1f3900d3

Plugin Details

Severity: Critical

ID: 36036

File Name: conficker_detect.nasl

Version: 3.14

Type: local

Family: Backdoors

Published: 3/29/2009

Updated: 11/25/2019

Asset Inventory: true

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C