Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Backdoors >> Dabber worm detection


Vulnerability Assessment Details

Dabber worm detection

Vulnerability Assessment Summary
Dabber worm detection

Detailed Explanation for this Vulnerability Assessment

W32.Dabber propagates by exploiting a vulnerability in the FTP server
component of W32.Sasser.Worm and its variants.
It installs a backdoor on infected hosts and tries to listen on port 9898.
If the attempt fails, W32Dabber.A tries to listen on ports 9899 through 9999
in sequence until it finds an open port.

See also :
http://securityresponse.symantec.com/avcenter/venc/data/w32.dabber.b.html
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx

Solution:
- Disable access to port 445 and Dabber remote shell by using a firewall
- Apply Microsoft MS04-011 patch
- Update your virus definitions

Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 David Maciejak

Cables, Connectors

DELL POWEREDGE R210 Intel Xeon x3430 2.4GHZ 4GB pc3-10600E No Hdd's w/ caddy
$39.0
DELL POWEREDGE R210 Intel Xeon x3430 2.4GHZ 4GB pc3-10600E No Hdd's w/ caddy pictureDELL POWEREDGE R730XD SERVER 12 BAY TWO E5-2620V4 2.1GHz 768GB 4 X 300GB 15K SAS
$10339.0
DELL POWEREDGE R730XD SERVER 12 BAY TWO E5-2620V4 2.1GHz 768GB 4 X 300GB 15K SAS pictureDELL POWEREDGE FC630 TWO E5-2630V4 2.2GHZ 64GB 2 X 900GB 10K SAS H330
$3649.0
DELL POWEREDGE FC630 TWO E5-2630V4 2.2GHZ 64GB 2 X 900GB 10K SAS H330 pictureDELL POWEREDGE R730 8 BAY E5-2620V3 2.4GHZ 64GB 7 X 1.8TB 10K 12G H730
$4249.0
DELL POWEREDGE R730 8 BAY E5-2620V3 2.4GHZ 64GB 7 X 1.8TB 10K 12G H730 picture


Discussions

No Discussions have been posted on this vulnerability.