Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Norton AntiVirus 2002 fails to scan files with ...

From: bipin gautam <visitbipin () yahoo com>
Date: Mon, 15 Mar 2004 21:16:27 -0800 (PST)

--- Erwin Paternotte <e.paternotte () itsec-ss nl> > >

Ok, so that one is silently fixed by Symantec. What
about the other 
vulnerability you reported recently? I mean the one
that will crash NAV 
by using special ASCII characters 
(http://www.securityfocus.com/bid/9811). That is
something you didn't 
report before, did you? Is that one still working on
a fully patched NAV 
2002?

Regards,

Erwin



        
        [Note: *I HAVEN'T TESTED BOTH NAV exploits in older
version's OF NAV* ]

        I reported the "NAV auto protect bypass" exploit
[http://www.securityfocus.com/bid/9814] to symantec
more than a year ago. They replied me; "they are
testing the issue..." then i got NO responce from
symantec. May-be they put a silent fix... cauz the
exploit doesn't work for NAV 2003! But this exploit
still works on NAV 2002! [last tested : Feb. 2004 ] I
did posted this exploit in several discussion fourms;
SINCE then people have been successfully pissing NAV
2002.

Then, Just after 6 months of releasing the "NAV auto
protect bypass" exploit.... This time i didn't
reported this bug FORMALLY to symantec; instead JUST
reported this issue to some discussion forms cauz NAV
ignored my LAST advisory nor.... gave me any short of
credit............. INSTEAD put a silent FIX in its
PRODUCT!???

In  "NAV manual scan BYPASS..." exploit....  i
discoverd; a nested file [ virus/trojan] with special
ASCII char. as filename if placed inside a specially
crafted directories... with special ASCII char. as
folder-NAME....then...... If we have a manual scan of
the directory........ either NAV crashes or! it goes
on scanning the same directory again and again
REPETEDLY to an infinite LOOP [BOOM DoS!]

But Mark the fact; in every of my advisory I just
reported; "...Successfully exploiting the bug just
crashes the NAV front END![manual scan] This exploit
has no impact on NAV auto protect engine."  [last
tested on fully patched NAV 2002 : Feb. 2004 ] 

but!:

If you read the advisory in bugtraq: [...ASCII Control
Character Denial Of Service Vulnerability]
http://www.securityfocus.com/bid/9811/discussion/
There is a statememt: 'Although unconfirmed this issue
may allow a malicious file to go un-scanned, and so
lead a user into a false sense of security. '

BUGTRAQ guys are talking about DoS etc... too!!! ITS
TRUE, but......... I never reported that... neither I
know anyone on the internet that EVER raised the
issue! Seems like, guys at bugtraq tested
it............ and found both of the issues to be
true; BUT engineers at symantic still have hard TIME
accepting the ISSUE???! 

or?
they couldn't reproduce the exploit in their LAB......

NOW symantec is trying to hide BOTH OF THESE ISSUE; by
exclaming..... NAV  is immune to both of the ISSUE!!!

Note: [...ASCII Control Character Denial Of Service
Vulnerability] ONLY works when you have... Nested file
with special ASCII char. as filename if placed inside
a specially crafted directories... with special ASCII
char. as folder-NAME....

[the folder should contain.... some files and folders
with LONG [>8 char.] file names 

say: " [some name] [special ASCII] ! [some special
char*] ... lame "     file /folder NAME!!!

Ref:
http://www.geocities.com/visitbipin/nav_bugs.html
http://www.geocities.com/visitbipin/

-----------------------------------------------------------------
bipin gautam

__________________________________
Do you Yahoo!?
Protect your identity with Yahoo! Mail AddressGuard
http://antispam.yahoo.com/whatsnewfree

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: