[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-21519":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":49,"name":50,"published":51,"updated":34},21519,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},3,"OpenVAS",{"id":25,"codename":34,"description":34,"severity":34,"risk_description":35,"public_description":36,"public_recommendation":37,"recommendation":34,"references":38,"cvssv3":34,"epss_score":44,"epss_percentile":45,"cve":46,"in_cisa_catalog":48,"date":34,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"Conficker is a worm that spreads on Windows Platforms. This malware could spread Windows file shares protected with weak passwords or to which a logged on domain administrator has access, by copying itself to removable storage devices and by exploiting the MS08-067 Windows Server service vulnerability. This malware generates infections files to set up to run as a service and also using a random name when Windows starts under system32, and tries to modify permissions on the service registry entries so that they are not visible to the user. Such registry entries are under, HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SvcHost and HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\RANDOM_SERVICE_NAME The plugin determines Conficker variants B or C. It likely works against systems that allow anonymous login, otherwise Credentials can be supplied. Successful exploitation could allow remote attackers to take complete control of an affected system and capable of stealing all kind of sensitive information and can even spread across the Network.","This host seems to be contaminated with infectious Conficker Worm.","The vendor has released updates. Please see the references for more information. Additionally use a Conficker Removal Tool, or a known Security Product to remove the conficker worm.",[39,40,41,42,43],"http://www.dshield.org/diary.html?storyid=5860","http://www.securityfocus.com/bid/31874","http://www.anti-spyware-101.com/remove-conficker","http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/","https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067",0.93538,0.99827,[47],"CVE-2008-4250",false,"NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.900091","Conficker Detection","2018-01-02T00:00:00Z"]