La mia libreria
La mia libreria

+ Aggiungi alla libreria

Supporto
Supporto 24/7 | Regole per contattare

Richieste

Profile

Linux.Exploit.CVE-2012-0809.5

Aggiunto al database dei virus Dr.Web: 2017-07-10

La descrizione è stata aggiunta:

Technical Information

Malicious functions:
Compiles a program from source codes:
  • /usr/bin/gcc e.c -o e
Launches processes:
  • sh -c /usr/bin/sudo -V
  • /usr/bin/sudo -V
  • sh -c /usr/bin/gcc e.c -o e
  • /usr/bin/sudo %20$08n %*482$ %*2850$ %1073741824$ -D9 -A
  • e
  • /bin/sh
Performs operations with the file system:
Modifies file access rights:
  • /root/e
  • /root/e.sh
Creates or modifies files:
  • /root/e.c
  • /tmp/ccZn0gyo.s
  • /tmp/cc7lZBvC.o
  • /tmp/ccxzdWlR.res
  • /tmp/ccTiEiuC.c
  • /tmp/ccc3dwFR.o
  • /tmp/ccK5tkR6.ld
  • /tmp/ccxBPv3l.le
  • /root/e
  • /root/e.sh
Deletes files:
  • /tmp/ccK5tkR6.ld
  • /tmp/ccxBPv3l.le
  • /tmp/ccTiEiuC.c
  • /tmp/ccc3dwFR.o
  • /tmp/ccxzdWlR.res
  • /tmp/cc7lZBvC.o
  • /tmp/ccZn0gyo.s
  • /root/e
  • /root/e.c
  • /root/e.sh
Other:
Collects RAM information

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number