Attack (Attack ID:302043)

Release Date09/20/2012

Attack NameDetected WebShell simon.asp

Severity

BUG ID

CVE ID

 

Description

simon.asp is a web-based Trojan running in ASP environment which is designed to compromise Web servers without being noticed. It can breach firewalls and monitor Web servers through Internet remotely.

The main functions include:
File management, host information reconnaissance, web proxy, remote command and script execution, database operation, webpage trojaning, privilege escalation, etc.

Affected system:
Windows and Unix Web servers

 

Solution

Delete the ASP Trojan webpage and fix the vulnerability.