No news in the witty front...Back to Infocon 'GREEN'.

For information about the Witty worm check previous diaries:

http://isc.sans.org/diary.html?date=2004-03-20

http://isc.sans.org/diary.html?date=2004-03-22
Multiple Vulnerabilities in Ethereal
Ethereal released an advisory today about multiple vulnerabilities in
version 0.10.2. According the advisory, by exploring this
vulnerability, it is possible to make Ethereal to crash or execute
arbitrary code "by injecting a purposefully malformed packet onto the
wire, by convincing someone to read a malformed packet trace file, or
by creating a malformed color filter file."
The solution is to upgrade to version 0.10.3.
At the time that this diary is written, the is no version 0.10.3
available to download in ethereal website.
References: http://www.ethereal.com/appnotes/enpa-sa-00013.html
New Netsky Variant
Symantec moved the new Netsky variant to level 3. The netsky.p variant also
uses a vulnerability in IE to execute E-mail attachments. This is a known flaw and has a patch available since 2001.
Reference: http://www.eweek.com/article2/0,1759,1552315,00.asp
------------------------------------------------

Handler on Duty: Pedro Bueno (bueno_AT_ieee.org)