Detections
Analytics
SSHD libkeyutils Backdoor
critical Nessus Plugin ID 64913
Language:
Synopsis
The remote host may be compromised.Description
The remote host appears to contain a trojaned libkeyutils library. The trojaned library links to SSHD, steals credentials, and sends spam.Solution
Verify whether or not the system has been compromised. Restore from known good backups and investigate the network for further signs of a compromise, if necessary.See Also
http://www.webhostingtalk.com/showthread.php?t=1235797
http://www.nessus.org/u?f62cb60d
http://www.nessus.org/u?b03816df
http://www.nessus.org/u?4958f5dd
http://www.webhostingtalk.com/showpost.php?p=8563741&postcount=284
Plugin Details
Severity: Critical
ID: 64913
File Name: sshd_libkeyutils_backdoor.nasl
Version: 1.7
Type: Local
Agent: unix
Family: General
Published: 2/27/2013
Updated: 5/21/2026
Supported Sensors: Nessus Agent, Nessus
Risk Information
CVSS Score Rationale: No cve available for this vulnerability.
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: manual
Vulnerability Information
Required KB Items: Host/local_checks_enabled