Linux.Exploit.CVE-2012-0809.5
Added to the Dr.Web virus database:
2017-07-10
Virus description added:
2017-07-10
Technical Information
Malicious functions:
Compiles a program from source codes:
Launches processes:
- sh -c /usr/bin/sudo -V
- /usr/bin/sudo -V
- sh -c /usr/bin/gcc e.c -o e
- /usr/bin/sudo %20$08n %*482$ %*2850$ %1073741824$ -D9 -A
- e
- /bin/sh
Performs operations with the file system:
Modifies file access rights:
Creates or modifies files:
- /root/e.c
- /tmp/ccZn0gyo.s
- /tmp/cc7lZBvC.o
- /tmp/ccxzdWlR.res
- /tmp/ccTiEiuC.c
- /tmp/ccc3dwFR.o
- /tmp/ccK5tkR6.ld
- /tmp/ccxBPv3l.le
- /root/e
- /root/e.sh
Deletes files:
- /tmp/ccK5tkR6.ld
- /tmp/ccxBPv3l.le
- /tmp/ccTiEiuC.c
- /tmp/ccc3dwFR.o
- /tmp/ccxzdWlR.res
- /tmp/cc7lZBvC.o
- /tmp/ccZn0gyo.s
- /root/e
- /root/e.c
- /root/e.sh
Curing recommendations
Linux
Free trial
One month (no registration) or three months (registration and renewal discount)
欢迎下载
Dr.Web for Android
-
免费3个月
-
可使用所有保护组件
-
可在AppGallery/Google Pay延期
继续使用此网站意味着您同意我们使用Cookie文件和其他用于收集网站访问统计信息的技术手段。详细信息