| Virus Warnings |
| Name of the virus | Trojan.Ecure.C |
| Discovery Date | 07 July 2004 |
| Aliases | Trojan.Ecure |
| Description | Trojan.Ecure.C is a Trojan horse that modifies the Hosts file and the Internet Explorer home page. |
| Alert | Low |
| Fix information/ Recovery | The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. Disable System Restore (Windows Me/XP). Update the virus definitions. Run a full system scan and delete all the files detected as Trojan.Ecure.C. Reverse the changes that were made to the registry. Reset the Internet Explorer home page. Delete the added lines from the Windows Hosts file. http://www.symantec.com/avcenter/venc/data/trojan.ecure.c.html |
| Name of the virus | W32.Beagle.Z@mm |
| Discovery Date | 07 July 2004 |
| Aliases | W32.Beagle.Z@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1234. |
| Description | W32.Beagle.Z@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1234. The worm is functionally similar to W32.Beagle.Y@mm and is packed with PeX. |
| Alert | Low |
| Fix information/ Recovery | Removal using the W32.Beagle@mm Removal Tool: Symantec Security Response has developed a removal tool to clean the infections of W32.Beagle.Z@mm. Use this removal tool first, as it is the easiest way to remove this threat. Manual Removal: The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. Disable System Restore (Windows Me/XP). Update the virus definitions. Restart the computer in Safe mode or VGA mode. Run a full system scan and delete all the files detected as W32.Beagle.Z@mm. Delete the value that was added to the registry. http://www.symantec.com/avcenter/venc/data/w32.beagle.z@mm.html |
| Name of the virus | W32.Lovgate.Z@mm |
| Discovery Date | 07 July 2004 |
| Aliases | Worm.LovGate.ah [Kaspersky], W32/Lovgate.af@MM [McAfee] |
| Description | W32.Lovgate.Z@mm is a mass-mailing worm that also spreads through open network shares. The email will have a variable subject and file attachment name, with a .bat, .exe, .pif, or .scr file extension. |
| Alert | Low |
| Fix information/ Recovery | The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. Disable System Restore (Windows Me/XP). Update the virus definitions. Reverse the changes made to the registry. Restart the computer in Safe mode or VGA mode. Run a full system scan and delete all the files detected as W32.Lovgate.Z@mm. Rename the .zmx files to the .exe files. http://www.symantec.com/avcenter/venc/data/w32.lovgate.z@mm.html |
| Vulnerability Updates |
| Name of the Vulnerability | Ethereal Multiple Vulnerabilities |
| Discovery Date | 07 July 2004 |
| Description | Three vulnerabilities have been discovered in Ethereal, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. 1) An unspecified error within the iSNS dissector can reportedly make Ethereal abort in certain cases. This vulnerability affects versions 0.10.3 and 0.10.4. 2) An unspecified error within the SMB dissector may crash the application when SID snooping is enabled and there is no policy name for a handle. This vulnerability affects versions 0.9.15 through 0.10.4. 3) An unspecified error within the SNMP dissector can be exploited to crash the application via a malformed or missing community string. |
| Alert | Medium |
| Impact of Vulnerability | DoS, System access from local network |
| Workaround/ Solutions | Update to version 0.10.5 when it becomes available: http://www.ethereal.com/download.html http://secunia.com/advisories/12024/ |
| Name of the Vulnerability | Mbedthis AppWeb Multiple Vulnerabilities |
| Discovery Date | 07 July 2004 |
| Description | Multiple vulnerabilities have been discovered in Mbedthis AppWeb. Some currently have an unknown impact and others may be exploited by malicious people to gain knowledge of sensitive information or bypass certain security restrictions. |
| Alert | |
| Impact of Vulnerability | Security Bypass, exposure of sensitive information from remote |
| Workaround/ Solutions | The vulnerability has been fixed in versions 1.0.4 and 1.1.3. http://www.mbedthis.com/downloads/appWeb/index.html http://secunia.com/advisories/12011/ |