Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Fwd: Norton Email Protection Remote Overflow (Addendum)
From: ncb () ATTRITION ORG (Nicholas Brawn)
Date: Tue, 21 Dec 1999 11:33:41 +1100

I would like to add that Symantec has been notified by myself, and should
already have been aware of an issue due to another Bugtraq post on POProxy
and the potential for a DoS attack.


From: Matt Conover <shok () cannabis dataforce net>
Subject:      Norton Email Protection Remote Overflow (Addendum)
X-To:         bugtraq () securityfocus com

This was going to be w00giving #11 (w00giving #10 will be posted within
the next few days).  Anyway, this allows EIP to be overwritten with 265+
bytes, which person who posted this vulnerability failed to mention or
failed to notice.  It's unclear if he labeled it as a DoS because he
didn't realize it overwrote EIP or because he was unable to produce an
exploit.  We have not had a chance to write an exploit and we will also
try to do that within the next few days.

w00w00 Security Development

Title:          Buffer Overflow in POProxy (Norton Antivirus 2000)
Platforms:      Windows 95/98/NT/2000
Date:           11th December, 1999
Last Updated:   n/a
Vendor Notified: n/a
Author:         Nicholas Brawn <ncb () attrition org>

  By Date           By Thread  

Current thread:
  • Re: Fwd: Norton Email Protection Remote Overflow (Addendum) Nicholas Brawn (Dec 21)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]