Unmanarc Remote Control Server detection 1.0
 
Plugin ID340
Plugin nameUnmanarc Remote Control Server detection
Plugin filenameUnmanarc Remote Control Server detection.plugin
Plugin filesize2481 bytes
Plugin familyBackdoors
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/09
Plugin version1.0
Plugin protocoltcp
Plugin port3360
Plugin procedure detectionopen|sleep|send iux\n|sleep|close|pattern_exists $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Plugin detection accuracy90
Plugin commentThe NASL script is Copyright(C) 9/2004 J.Mlodzianowski
Bug produced nameUnmanarc
Bug affectedUnmanarc Remote Control Server
Bug not affectedOther solutions
Bug vulnerability classConfiguration
Bug descriptionThis host appears to be running URCS Server. Unmanarc Remote Control Server can be used/installed silent as a 'backdoor' which may allow an intruder to gain remote access to files on the remote system. If this program was not installed for remote management then it means the remote host has been compromised. An attacker may use it to steal files, passwords, or redirect ports on the remote system to launch other attacks.
Bug solutionSee http://www.rapter.net/jm5.htm
Bug fixing timeApprox. 1 hour
Bug exploit availabilityMaybe
Bug remoteYes
Bug localYes
Bug severityHigh
Bug popularity6
Bug simplicity9
Bug impact9
Bug risk8
Bug Nessus riskHigh
Bug check toolsNessus can check this flaw with the plugin 15405 (URCS Server Detection).
Source Nessus ID15405
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://securityresponse.symantec.com/avcenter/venc/data/backdoor.urcs.html

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.