No news in the witty front...Back to Infocon 'GREEN'.
For information about the Witty worm check previous diaries: http://isc.sans.org/diary.html?date=2004-03-20 http://isc.sans.org/diary.html?date=2004-03-22 Multiple Vulnerabilities in Ethereal Ethereal released an advisory today about multiple vulnerabilities in version 0.10.2. According the advisory, by exploring this vulnerability, it is possible to make Ethereal to crash or execute arbitrary code "by injecting a purposefully malformed packet onto the wire, by convincing someone to read a malformed packet trace file, or by creating a malformed color filter file." The solution is to upgrade to version 0.10.3. At the time that this diary is written, the is no version 0.10.3 available to download in ethereal website. References: http://www.ethereal.com/appnotes/enpa-sa-00013.html New Netsky Variant Symantec moved the new Netsky variant to level 3. The netsky.p variant also uses a vulnerability in IE to execute E-mail attachments. This is a known flaw and has a patch available since 2001. Reference: http://www.eweek.com/article2/0,1759,1552315,00.asp ------------------------------------------------ Handler on Duty: Pedro Bueno (bueno_AT_ieee.org) |
Pedro 155 Posts ISC Handler Mar 24th 2004 |
Thread locked Subscribe |
Mar 24th 2004 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!