Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Ethereal Vulnerabilities / NetSky.P - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Ethereal Vulnerabilities / NetSky.P
No news in the witty front...Back to Infocon 'GREEN'.

For information about the Witty worm check previous diaries:

http://isc.sans.org/diary.html?date=2004-03-20

http://isc.sans.org/diary.html?date=2004-03-22
Multiple Vulnerabilities in Ethereal
Ethereal released an advisory today about multiple vulnerabilities in
version 0.10.2. According the advisory, by exploring this
vulnerability, it is possible to make Ethereal to crash or execute
arbitrary code "by injecting a purposefully malformed packet onto the
wire, by convincing someone to read a malformed packet trace file, or
by creating a malformed color filter file."
The solution is to upgrade to version 0.10.3.
At the time that this diary is written, the is no version 0.10.3
available to download in ethereal website.
References: http://www.ethereal.com/appnotes/enpa-sa-00013.html
New Netsky Variant
Symantec moved the new Netsky variant to level 3. The netsky.p variant also
uses a vulnerability in IE to execute E-mail attachments. This is a known flaw and has a patch available since 2001.
Reference: http://www.eweek.com/article2/0,1759,1552315,00.asp
------------------------------------------------

Handler on Duty: Pedro Bueno (bueno_AT_ieee.org)
Pedro

155 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!