| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <40F2D344.3000400@bnl.gov> From: mcuttler at bnl.gov (Matt Cuttler) Subject: Norton AntiVirus Scanner Remote Denial Of ServiceVulnerability [Part: !!!] clamav has options such as: --max-files --max-space --max-recursion and --max-ratio ..which will protect against these types of DOS attacks. -Matt Cuttler Richard Massa wrote: >exploit does not crash SAV corporate edition 8.1.1.319, Scan engine 4.2.0.7. >Scan of file completes successfully. > >On Fri, Jul 09, 2004 at 08:55:45PM -0700, bipin gautam wrote: > > >>--- "Peter B. Harvey (Information Security)" >><peterharvey@...rgency.qld.gov.au> wrote: >> >> >>>Could you please password protect it and email it to >>>me. Ill test on Trend Micro. >>> >>>Peter >>> >>> >>dust download the file and hit scan, watch out You AV >>can trigger a DoS autometically. >> >>It has been confirmed Norton 2004 uses 100% cpu for a >>indefinate amount of time. (Tested in 3 Ghz processor) >> >>Please read updates in this advisory at: >> >>http://www.geocities.com/visitbipin/Nav_dos_part_3.html >> >>and test the exploit with some other AV scanners! >> >>------------ >>bipin >> >> >> >>__________________________________ >>Do you Yahoo!? >>Yahoo! Mail - 50x more storage than other providers! >>http://promotions.yahoo.com/new_mail >> >>_______________________________________________ >>Full-Disclosure - We believe in it. >>Charter: http://lists.netsys.com/full-disclosure-charter.html >> >> >> > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040712/2efaa5d8/attachment.html
Powered by blists - more mailing lists