Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-02-18 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Netsky.b Virus / Win98 ASN.1 patch / new Mremap PoC

Published: 2004-02-18
Last Updated: 2004-02-19 01:18:36 UTC
by Pedro Bueno (Version: 1)
0 comment(s)
Netsky.b Virus


Today a new mass mailing virus was discovered. It is called Netsky.b and according Symantec it uses its own SMTP engine to send itself to the email addresses. It will also search all drives beginning from drive C to Z, looking for "share" and "sharing" folders to copy itself into the folders.


Symantec currently considers it as Level 4 (Severe).


Reference: http://www.sarc.com/avcenter/venc/data/w32.netsky.b@mm.html





Microsoft Windows 98 Patch



A post to Bugtraq and Full Disclosure mailing lists today informs that apparently Windows 98 is also vulnerable to the MS04-007. It is not clear yet if the patch exists, or if it will be or not available on Microsoft Windows Update website or how it will be delivered.
The Microsoft Security Bulletin MS04-007 does not include any reference to Windows 98, so users should, as usual, be careful against any non-official patches for Win98.


Reference:
http://lists.netsys.com/pipermail/full-disclosure/2004-February/017520.html



Linux Mremap PoC



A proof of concept code was published on Full Disclosure list today. This PoC intends to test the new mremap vulnerability was discovered on kernel 2.4.24 and previous.
CVE has assigned the name CAN-2004-0077 to this issue.


Please check your Linux vendor for Updates. Most of the major Linux distributions already released patches for this vulnerability.


Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0077


-------------------------------------------------

Handler on duty: Pedro Bueno (bueno@ieee.org)
Keywords:
0 comment(s)
Diary Archives