YARA Memory Scan (Linux)

Critical Nessus Plugin ID 97863


Nessus detected one or more malicious processes on the remote host.


Nessus detected one or more processes on the remote Linux host that match a YARA rule. Note that scanning memory requires a privileged account that can use ptrace.

See Also


Plugin Details

Severity: Critical

ID: 97863

File Name: linux_yara_mem_scan.nbin

Version: 1.183

Type: local

Agent: unix

Family: Backdoors

Published: 2017/03/21

Updated: 2019/03/13

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H