Home page logo

bugtraq logo Bugtraq mailing list archives

RE: Nortan Antivirus 2000 Poproxy.exe problem
From: Franklin DeMatto <franklin () qDefense com>
Date: Fri, 25 May 2001 1:2:39 -0600

This was a known problem, already publicised in 1999.

Symantec fixed it, and also had POPROXY.EXE bind
to 127 so as to only accept connections from localhost.

See http://www.securityfocus.com/bid/877

Franklin DeMatto
franklin () qDefense com

qDefense offers a wide variety of services at affordable prices
See http://qDefense.com/Services/services.html

Original messages:

Poproxy.exe is the email virus scanner included in Nortan Antivirus 2000... 
While messing around with this i crashed the server by sending it 
too many characters (269 or more). 

perl -e '{print "A"x269}' |nc 110 
where is the windows machine running poproxy.exe 

Can anyone else confirm this? 

Hi! I am having difficulty confirming this for two reasons. Perhaps I am 
doing something wrong. I am running Norton Antivirus 2000 with poproxy.exe 
on MS Outlook 2000. 
poproxy.exe SEEMS to only bind to localhost ( instead of my IP on 
the network ( If I try to telnet to port 110 from another 
Windows machine, it cannot connect. If I try to telnet to from my 
own machine, it connects fine. Once I did connect to it from localhost, I 
sent 269+ chars to it and only received back "-ERR". I did not experience a 

Again, perhaps I'm doing something wrong. 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]