SecuObs.com - L'observatoire de la sécurité internet - IIS Download.Ject Trojan Detection infos

SecuToolBox : Bluetooth Stack Smasher v0.6 / Bluetooth Stack Smasher v0.8 / Slides Bluetooth Eurosec 2006 / Exposé vidéo Windows Shellcode - Kostya Kortchinsky / Exposé audio Reverse Engineering - Nicolas Brulez / Exposé vidéo Securitech - Pierre Betouin / WEP + Aircrack + Ubiquiti (MadWifi) 530 mW + Yagi / Secure WIFI WPA + EAP-TLS + Freeradius / Audit Windows / Captive Password Windows / USBDumper / USBDumper 2 / Hacking Hardware / WishMaster backdoor / DNS Auditing Tool / Ettercap SSL MITM / Exploit vulnérabilités Windows / Memory Dumper Kernel Hardening / Reverse Engineering / Scapy / SecUbuLIVE CD / Metasploit / eEye Blink Sec Center / eEye Retina Scanner

Détail du test :

ID	12287
Nom	IIS Download.Ject Trojan Detection
Auteurs	This script is Copyright (C) 2004-2008 Tenable Network Security
Catégorie	Backdoors
Action	infos
Résumé	IIS Download.Ject Trojan Detection
Description	Download.Ject is a Trojan that infects Microsoft IIS servers. The Trojan's dropper sets it as the document footer for all pages served by IIS Web sites on the infected computer. See also : http://www.microsoft.com/security/incident/download_ject.mspx Solution : Use an Anti-Virus to clean machine. Risk factor : High

Cliquer pour le detail - Liste des tests :

Check for VNC HTTP
NetBus 1.x
Cart32 ChangeAdminPassword
w32.spybot.fcd Worm Infection Detection
IIS Possible Compromise
SyGate Backdoor
Hacker Defender Backdoor Detection
GirlFriend
IRC Bot ident Server Detection
Fluxay Sensor Detection
lovgate Virus Detection
Default web account on Zyxel
RemotelyAnywhere WWW detection
Wollf Backdoor Detection
Post-Nuke Trojan Horse
Desktop Orbiter Server Detection
Trin00 Detection
Agobot.FO Backdoor Detection
Bugbear.B Web Backdoor Detection
4553 Parasite Mothership Backdoor Detection
Radmin Detection
Unpassworded bash account
CDK Backdoor Detection
Dansie Shopping Cart Backdoor Detection
RemoteNC Backdoor Detection
Shaft Trojan Detection
mstream Handler Detection
SMTP Server Non-standard Port Detection
Kibuv Worm Detection
Kuang2 the Virus Detection
FsSniffer Detection
Trojan Horse Detection
MPEi/X Default Accounts
mstream Agent Detection
NetBus 2.x
Zincite.A (MyDoom.M) Backdoor
JRun Sample Files
Stacheldraht Detection
Remote PC Access Server Detection
Korgo Worm Detection
Lion Worm Detection
WinSATAN
RemotelyAnywhere SSH detection
IRC Bot Detection
Sasser Virus Detection
SubSeven Trojan Detection
TFTP Backdoor Detection
Dabber Worm Detection
Trinity v3 Detection
BackOrifice Detection
DeepThroat Backdoor Detection
NetSphere Backdoor
Alcatel OmniSwitch 7700/7800 Switches Backdoor Access
radmin (port 10002) - Possible GDI Compromise
Bugbear Worm Infection Detection
Fake SMTP/FTP Server (Potential Backdoor)
Bugbear.B worm
TFN (Tribe Flood Network) Detection
XAMPP Default FTP Account
Zotob Worm Detection
URCS Server Detection
Generic Backdoor Detection (Banner Based)
MyDoom Virus Backdoor
Bofra Virus Detection
IIS Download.Ject Trojan Detection
TCP Port 0 Open: Possible Backdoor
Trin00 for Windows Detection
MoonLit Virus Backdoor
GateCrasher
Portal of Doom
Finger Backdoor
alya.cgi CGI Backdoor Detection

Cliquer pour le detail - liste des categories :

CISCO

Compte utilisateur unix par défaut

Acces root à distance

Acces shell à distance

General

Divers

Netware

Backdoors / chevaux de troie

NIS

Peer to Peer

Scanner de port

Fichiers en acces distant

RPC

Parametrage

Serveur de messagerie SMTP

SNMP

Services de moindre importance

Windows : Général

Windows : gestion des utilisateurs

Windows : Mises a jour

Debian : Mises a jour

Gentoo : Mises a jour

AIX : Mises a jour

Red Hat : Mises a jour

Mac OS X : Mises a jour

Slackware : Mises a jour

SuSE : Mises a jour

Mandrake : Mises a jour

Fedora : Mises a jour

Solaris : Mises a jour

FreeBSD : Mises a jour

HP-UX : Mises a jour

Ubuntu : Mises a jour

Mini-Tagwall des articles publiés sur SecuObs :

sécurité, windows, exploit, réseau, vulnérabilité, système, attaque, microsoft, virus, audit, internet, présentation, fonction, données, linux, outil, bluetooth, shell, gestion, vista, trames, wishmaster, sysun, paquets, metasploit, téléphone, engineering, fonctions + de mots clés avec l'annuaire des articles publiés sur SecuObs

Archives Failles Secunia :

- SA32774 Citrix XenServer Ext2/Ext3 Processing Security Bypass Vulnerability - SA32761 No-IP Linux Dynamic Update Client Buffer Overflow Vulnerability - SA32778 Ubuntu update for firefox, firefox-3.0, and xulrunner-1.9 - SA32659 E-topbiz Link Back Checker auth Cookie Security Bypass - SA32745 Free Directory Script API_HOME_DIR File Inclusion Vulnerability + d'archives failles avec Secunia et SecuMail

Archives Mailing Full Disclosure :

- Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus - Re: Full-disclosure Fredrick Diggle Security is looking for a few good men (or mediocre women) - Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus - Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus - Full-disclosure MDVSA-2008:220-1 kernel + d'archives Full Disclosure avec SecuMail

Archives Mailing Bugtraq :

- MDVSA-2008:220-1 kernel - Re: Re: Re: Re: Opera 9.6x file:// overflow - Re: MDVSA-2008:232 dovecot - Re: Re: Re: Re: Opera 9.6x file:// overflow - MDVSA-2008:232 dovecot + d'archives Bugtraq avec SecuMail

Mini-Tagwall de l'annuaire video :

virus, spyware, vmware, firmware, biometric, lockpicking, wimax, password, kernel, malware, spammer, windows, iphone, symantec, phish, knoppix, adware, security, botnet, linux, tutorial, cryptography, internet, attack, wireshark, server, virtual, metasploit, intel, openbsd, hitbsecconf2006, protect, jailbreak, norton, ubuntu, rootkit, exploit, samsung, hijackthis, screen, ettercap, fingerprint, vista, flash, drive + de mots clés avec l'annuaire des videos

Mini-Tagwall des articles de la revue de presse :

security, microsoft, windows, vulnérabilité, network, google, vulnerability, hacker, attack, inject, remote, mobile, server, exploit, apple, internet, iphone, black, yahoo, sécurité, malware, vista, intel, patch, crypt, drive, access, protect, virtual, laptop, linux, source, biometric, research, ebook, business, virus, office, phish, adobe, chine, facebook, opera, flash, wireless + de mots clés avec l'annuaire de la revue de presse