lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <4058043B.6090304@pacbell.net> From: jman5000 at pacbell.net (Jimmy Mitchener) Subject: Symantec engineers are half-wit or...? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sorry, what was that? I heard somethng about an exploit or two ... and you not getting credit? Sorry, I couldn't hear between all of the useless ranting and that goddamn screaming of yours. bipin gautam wrote: | | [Note: *I HAVEN'T TESTED BOTH NAV exploits in older | version's OF NAV* ] | | I reported the "NAV auto protect bypass" exploit | [http://www.securityfocus.com/bid/9814] to symantec | more than a year ago. They replied me; "they are | testing the issue..." then i got NO responce from | symantec. May-be they put a silent fix... cauz the | exploit doesn't work for NAV 2003! But this exploit | still works on NAV 2002! [last tested : Feb. 2004 ] I | did posted this exploit in several discussion fourms; | SINCE then people have been successfully pissing NAV | 2002. | | Then, Just after 6 months of releasing the "NAV auto | protect bypass" exploit.... This time i didn't | reported this bug FORMALLY to symantec; instead JUST | reported this issue to some discussion forms cauz NAV | ignored my LAST advisory nor.... gave me any short of | credit............. INSTEAD put a silent FIX in its | PRODUCT!??? | | In "NAV manual scan BYPASS..." exploit.... i | discoverd; a nested file [ virus/trojan] with special | ASCII char. as filename if placed inside a specially | crafted directories... with special ASCII char. as | folder-NAME....then...... If we have a manual scan of | the directory........ either NAV crashes or! it goes | on scanning the same directory again and again | REPETEDLY to an infinite LOOP [BOOM DoS!] | | But Mark the fact; in every of my advisory I just | reported; "...Successfully exploiting the bug just | crashes the NAV front END![manual scan] This exploit | has no impact on NAV auto protect engine." [last | tested on fully patched NAV 2002 : Feb. 2004 ] | | but!: | | If you read the advisory in bugtraq: [...ASCII Control | Character Denial Of Service Vulnerability] | http://www.securityfocus.com/bid/9811/discussion/ | There is a statememt: 'Although unconfirmed this issue | may allow a malicious file to go un-scanned, and so | lead a user into a false sense of security. ' | | BUGTRAQ guys are talking about DoS etc... too!!! ITS | TRUE, but......... I never reported that... neither I | know anyone on the internet that EVER raised the | issue! Seems like, guys at bugtraq tested | it............ and found both of the issues to be | true; BUT engineers at symantic still have hard TIME | accepting the ISSUE???! | | or? | they couldn't reproduce the exploit in their LAB...... | | NOW symantec is trying to hide BOTH OF THESE ISSUE; by | exclaming..... NAV is immune to both of the ISSUE!!! | | Note: [...ASCII Control Character Denial Of Service | Vulnerability] ONLY works when you have... Nested file | with special ASCII char. as filename if placed inside | a specially crafted directories... with special ASCII | char. as folder-NAME.... | | [the folder should contain.... some files and folders | with LONG [>8 char.] file names | | say: " [some name] [special ASCII] ! [some special | char*] ... lame " file /folder NAME!!! | | Ref: | http://www.geocities.com/visitbipin/nav_bugs.html | http://www.geocities.com/visitbipin/ | | ----------------------------------------------------------------- | bipin gautam | | __________________________________ | Do you Yahoo!? | Yahoo! Mail - More reliable, more storage, less spam | http://mail.yahoo.com | | _______________________________________________ | Full-Disclosure - We believe in it. | Charter: http://lists.netsys.com/full-disclosure-charter.html | -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAWAQ7wWNPHBCx0c8RAhVUAJ47nN84VObAkOnV8TH+HXl075zedgCcDd1u 83m14ui9nRnI4nb9gd3l2uc= =5dDp -----END PGP SIGNATURE-----
Powered by blists - more mailing lists