Plugin ID | 340 |
Plugin name | Unmanarc Remote Control Server detection |
Plugin filename | Unmanarc Remote Control Server detection.plugin |
Plugin filesize | 2481 bytes |
Plugin family | Backdoors |
Plugin created name | Marc Ruef |
Plugin created email | marc.ruef at computec.ch |
Plugin created web | http://www.computec.ch |
Plugin created company | computec.ch |
Plugin created date | 2005/01/09 |
Plugin version | 1.0 |
Plugin protocol | tcp |
Plugin port | 3360 |
Plugin procedure detection | open|sleep|send iux\n|sleep|close|pattern_exists $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ |
Plugin detection accuracy | 90 |
Plugin comment | The NASL script is Copyright(C) 9/2004 J.Mlodzianowski |
Bug produced name | Unmanarc |
Bug affected | Unmanarc Remote Control Server |
Bug not affected | Other solutions |
Bug vulnerability class | Configuration |
Bug description | This host appears to be running URCS Server. Unmanarc Remote Control Server can be used/installed silent as a 'backdoor' which may allow an intruder to gain remote access to files on the remote system. If this program was not installed for remote management then it means the remote host has been compromised. An attacker may use it to steal files, passwords, or redirect ports on the remote system to launch other attacks. |
Bug solution | See http://www.rapter.net/jm5.htm |
Bug fixing time | Approx. 1 hour |
Bug exploit availability | Maybe |
Bug remote | Yes |
Bug local | Yes |
Bug severity | High |
Bug popularity | 6 |
Bug simplicity | 9 |
Bug impact | 9 |
Bug risk | 8 |
Bug Nessus risk | High |
Bug check tools | Nessus can check this flaw with the plugin 15405 (URCS Server Detection). |
Source Nessus ID | 15405 |
Source Literature | Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427 |
Source Misc. | http://securityresponse.symantec.com/avcenter/venc/data/backdoor.urcs.html |