MS Executable Detection

critical Nessus Plugin ID 33950

Synopsis

The remote host may be compromised.

Description

This service is unknown to Nessus. It appears to send a Microsoft Windows executable when a connection to it is established. This may be evidence of some malware that are known to propagate in this manner.

Solution

Check the host and disinfect / reinstall it if necessary.

Plugin Details

Severity: Critical

ID: 33950

File Name: ms_exe_detect.nasl

Version: 1.11

Type: remote

Published: 8/20/2008

Updated: 11/22/2019

Asset Inventory: true

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/disable_service_discovery