Message-ID: <02BE51BB95EED411A69C0008C7CFDEF005ABD83B@RIADALVXM02>
From: Mark.Raven at thomson.com (Raven, Mark)
Subject: Symantec engineers are half-wit or...?

Bipin,

I have no idea what you mean by "SINCE then people have been successfully pissing NAV 2002." I am confident however, that zipped or unzipped the outcome is the same.

Gotta go, gotta go, gotta go right now.

-----Original Message-----
From: bipin gautam [mailto:visitbipin@...oo.com]
Sent: Monday, March 15, 2004 11:15 PM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] Symantec engineers are half-wit or...?

[Note: *I HAVEN'T TESTED BOTH NAV exploits in older versions OF NAV* ]

I reported the "NAV auto protect bypass" exploit [http://www.securityfocus.com/bid/9814] to symantec more than a year ago. They replied to me; "they are testing the issue..." then I got NO response from symantec. Maybe they put a silent fix... cauz the exploit doesn't work for NAV 2003! But this exploit still works on NAV 2002! [last tested : Feb. 2004 ]

I did post this exploit in several discussion forums; SINCE then people have been successfully pissing NAV 2002.

Then, Just after 6 months of releasing the "NAV auto protect bypass" exploit.... This time I didn't report this bug FORMALLY to symantec; instead JUST reported this issue to some discussion forums cauz NAV ignored my LAST advisory nor.... gave me any sort of credit............. INSTEAD put a silent FIX in its PRODUCT!???

In "NAV manual scan BYPASS..." exploit.... I discovered; a nested file [ virus/trojan] with special ASCII char. as filename if placed inside a specially crafted directories... with special ASCII char. as folder-NAME....then...... If we have a manual scan of the directory........ either NAV crashes or! it goes on scanning the same directory again and again REPEATEDLY to an infinite LOOP [BOOM DoS!]

But Mark the fact; in every of my advisory I just reported; "...Successfully exploiting the bug just crashes the NAV front END![manual scan] This exploit has no impact on NAV auto protect engine." [last tested on fully patched NAV 2002 : Feb. 2004 ]

but!: If you read the advisory in bugtraq: [...ASCII Control Character Denial Of Service Vulnerability] http://www.securityfocus.com/bid/9811/discussion/

There is a statement: 'Although unconfirmed this issue may allow a malicious file to go un-scanned, and so lead a user into a false sense of security. '

BUGTRAQ guys are talking about DoS etc... too!!! ITS TRUE, but......... I never reported that... neither I know anyone on the internet that EVER raised the issue! Seems like, guys at bugtraq tested it............ and found both of the issues to be true; BUT engineers at symantec still have a hard TIME accepting the ISSUE???! or? they couldn't reproduce the exploit in their LAB......

NOW symantec is trying to hide BOTH OF THESE ISSUES; by exclaiming..... NAV is immune to both of the ISSUES!!!

Note: [...ASCII Control Character Denial Of Service Vulnerability] ONLY works when you have... Nested file with special ASCII char. as filename if placed inside a specially crafted directories... with special ASCII char. as folder-NAME.... [the folder should contain.... some files and folders with LONG [>8 char.] file names say: " [some name] [special ASCII] ! [some special char*] ... lame " file /folder NAME!!!

Ref:
http://www.geocities.com/visitbipin/nav_bugs.html
http://www.geocities.com/visitbipin/

-----------------------------------------------------------------
bipin gautam