Old-School Bagle Worm Still Ready for Modern Spam Campaigns

The long-running Bagle worm, affecting Microsoft Windows machines, is still out there, a throwback to an earlier time. Also referred to as Beagle, Bagle contains a backdoor that listens on TCP port 6777 which is hardcoded in the worm’s body. This backdoor component provides remote access to the...

CVE-2004-2348

Sybari AntiGen for Domino 7.0 Build 722 SR2 allows remote attackers to cause a denial of service hang via an encrypted ZIP file with the "include full path info" option set, as used by certain variants of the Beagle/Bagle worm...

CVE-2004-1909

Claim Anti-Virus ClamAV 0.68 and earlier allows remote attackers to cause a denial of service crash via certain RAR archives, such as those generated by the Beagle/Bagle worm...

CVE-2004-1909

The CVE-2004-1909 instance concerns ClamAV (0.68 and earlier) where processing certain RAR archives, such as those created by Beagle/Bagle variants, can crash the clamav process leading to a denial of service. Public references in Gentoo GLSA-200404-07 confirm the remote impact vector (RAR archiv...

CVE-2004-1909

Claim Anti-Virus ClamAV 0.68 and earlier allows remote attackers to cause a denial of service crash via certain RAR archives, such as those generated by the Beagle/Bagle worm...

Bagle Worm Removal

The remote host had the Bagle worm installed. Nessus attempted to remove it by connecting to port 6777 of the host and using the built-in removal command. However, you should verify that : - The worm was removed properly - The remote host has not been altered in any other way. C Tenable Network...