Re: Norton AntiVirus 2002 fails to scan files with ... [2'nd... UPDATED] Message-ID: 20040306040833.28300

• Previous message: Arab VieruZ: "Cpanel 8.*.* have a problem ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: bugtraq@securityfocus.com
Date: Thu, 11 Mar 2004 07:48:00 -0600

In Response to:

Norton AntiVirus 2002 fails to scan files with ... [2'nd... UPDATED]
Date: Mar 6 2004 4:08AM
Author: Bipin Gautam. <door_hunt3r blackcodemail com>
Message-ID: <20040306040833.28300.qmail@www.securityfocus.com>

Bipin Gautam submitted:
 
 
        In-Reply-To: <20040305183533 17369 qmail www securityfocus com>

        Subject: Norton Antivirus 2002 fails to scan files with special
character(s) properly.
        Published: Friday, 05 March, 2004
        Updated: 06-Mar-04
        Discovered By: Bipin Gautam ( hUNT3R )
        Product Version: Norton Antivirus 2002 [ ver: 8.00.58 ] (~Only
tested On...~)
        Risk Impact: Low-Medium

        * * *
        Details:

        During a 'manual scan' of a folder, if Norton Antivirus (NAV)
encounters a file /folder
        name with 'some' ASCII characters ( 1-31) NAV can't further
proceed the manual
        scan and its front-end 'NAVW32.exe' crashes! This Bug has no
impact in the
        NAV Auto-Protect Engine.

        Exploit 1). : http://www.geocities.com/visitbipin/test_nav.zip
        Create a folder (say: '!' ) and put some sub-folders and files in
it. The file/sub-
        folder name must contain ASCII character(s) ( 1-31) . Have a
manual scan of
        the folder named '!' NAV can't proceed the scan and crashes!

        Exploit 2). : Run this batch script, first and make sure you have
95 sub-folders inside
 
-------------------------snip------------------------------------------------------------
 
SymSecurity Response:

Bipin Gautam posted two issues he found in an early build version of
Symantec Norton AntiVirus 2002.

Symantec engineers did test both issues against current Symantec AntiVirus
products. The results of our testing shows that currently supported and
up-to-date versions of Symantec AntiVirus products, to include Symantec
Norton AntiVirus 2002, fully protect our customers against either of these
issues.

Symantec takes the security and proper functionality of its products very
seriously. As founding members in the Organization for Internet Safety,
Symantec follows the process of responsible disclosure.

Symantec Product Security Contact Information:
Anyone with information on potential or actual security issues with
Symantec products should contact symsecurity@symantec.com

• Previous message: Arab VieruZ: "Cpanel 8.*.* have a problem ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]