Re: Norton AntiVirus Remote Denial Of Service Vulnerability [Part: !!!_update]

From: Bipin Gautam (visitbipin_at_hotmail.com)
Date: 07/12/04

  • Next message: Brett Moore: "White Paper: 0x00 vs ASP file upload scripts" 
    Date: 12 Jul 2004 16:31:13 -0000
To: vuln-dev@securityfocus.com
    ('binary' encoding is not supported, stored as-is) In-Reply-To: <20040710014540.25125.qmail@mail2.securityfocus.com>

    >From: "Dr PC Fix Security" <Security@drpcfix.com>
    <20040709123046.31037.qmail@www.securityfocus.com>
    >Thread-Index: AcRl7jNFH5UoKQz2TOO1HG/4w7tqiAAML3Pg
    >
    >
    >Norton 2002, consumed about 20% cpu for 3 seconds until it found the virus.
    >

    I doubt, the proof of concept doesn't work for NAV 2002. Please mark the fact, a DoS is triggered not during the virus scan but... if your AV engine try ot repair or QUARANTINE the virus a DoS is triggered.

    So, please check out the temporary fix i've proposed as well.

    bipin gautam

  • Next message: Brett Moore: "White Paper: 0x00 vs ASP file upload scripts"

    Relevant Pages

    • Re: A Fix for a undetectable computer virus
      ... was represented as a Microsoft DOS. ... virus or malicious code. ... I found an incredible way to fix this problem. ... I believe this malicious code is the ...
      (comp.security.misc)
    • Re: What virus would delete windows files
      ... I was able to restore from a backup using dos. ... I also plan to check for spyware after virus scanning. ... supports nt versions of windows i'm going to suggest it's predecessor, ... The other day when I lost all the files in the root dir., ...
      (alt.comp.anti-virus)
    • A Fix for a undetectable computer virus
      ... was represented as a Microsoft DOS. ... virus or malicious code. ... I believe this malicious code is the ... malicious code that is on blank 1.44 floppy diskettes. ...
      (comp.security.misc)
    • Re: Is this some sort of virus?
      ... If the virus is too new for your definitions, mail scan will let it through; ... because NAV kept interfering with F-Prot for DOS. ... Prot for DOS as part of its AV Policy. ... real-world virus infected email, it made it to the Inbox. ...
      (microsoft.public.security.virus)
    • Re: Gamma Function
      ... the destructive Windows critter-makers who are ... Windows runs DOS programs ... DOS isn't a multi-tasking operating system. ... The virus itself is but a code fragment that attaches ...
      (sci.physics.relativity)