TROJAN: School Bus Backdoor
This signature detects commands sent to systems infected with the School Bus backdoor. School Bus, a backdoor Trojan loosely based on the NetBus Trojan, can delete Windows system files and send system information to the attacker controlling the Trojan.
Extended Description
School Bus is a Trojan horse with backdoor capability. It enables remote attackers to gain control over an affected machine. Some of the remote commands supported by School Bus are quite dangerous, such as File manager, Get system passwords, Get cached passwords, and Crash Windows.
Short Name
TROJAN:MISC:SCHOOLBUS-JOYBD
Severity
Warning
Recommended
False
Recommended Action
None
Category
TROJAN
Keywords
Backdoor Bus CVE-1999-0660 School
Release Date
10/06/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3324
Port
TCP/54321
False Positive
Unknown
CVSS Score
8.8