mailing list archives
Re: Symantec engineers are half-wit or...?
From: Jimmy Mitchener <jman5000 () pacbell net>
Date: Tue, 16 Mar 2004 23:54:35 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Sorry, what was that? I heard somethng about an exploit or two ... and
you not getting credit? Sorry, I couldn't hear between all of the
useless ranting and that goddamn screaming of yours.
bipin gautam wrote:
| [Note: *I HAVEN'T TESTED BOTH NAV exploits in older
| version's OF NAV* ]
| I reported the "NAV auto protect bypass" exploit
| [http://www.securityfocus.com/bid/9814] to symantec
| more than a year ago. They replied me; "they are
| testing the issue..." then i got NO responce from
| symantec. May-be they put a silent fix... cauz the
| exploit doesn't work for NAV 2003! But this exploit
| still works on NAV 2002! [last tested : Feb. 2004 ] I
| did posted this exploit in several discussion fourms;
| SINCE then people have been successfully pissing NAV
| Then, Just after 6 months of releasing the "NAV auto
| protect bypass" exploit.... This time i didn't
| reported this bug FORMALLY to symantec; instead JUST
| reported this issue to some discussion forms cauz NAV
| ignored my LAST advisory nor.... gave me any short of
| credit............. INSTEAD put a silent FIX in its
| In "NAV manual scan BYPASS..." exploit.... i
| discoverd; a nested file [ virus/trojan] with special
| ASCII char. as filename if placed inside a specially
| crafted directories... with special ASCII char. as
| folder-NAME....then...... If we have a manual scan of
| the directory........ either NAV crashes or! it goes
| on scanning the same directory again and again
| REPETEDLY to an infinite LOOP [BOOM DoS!]
| But Mark the fact; in every of my advisory I just
| reported; "...Successfully exploiting the bug just
| crashes the NAV front END![manual scan] This exploit
| has no impact on NAV auto protect engine." [last
| tested on fully patched NAV 2002 : Feb. 2004 ]
| If you read the advisory in bugtraq: [...ASCII Control
| Character Denial Of Service Vulnerability]
| There is a statememt: 'Although unconfirmed this issue
| may allow a malicious file to go un-scanned, and so
| lead a user into a false sense of security. '
| BUGTRAQ guys are talking about DoS etc... too!!! ITS
| TRUE, but......... I never reported that... neither I
| know anyone on the internet that EVER raised the
| issue! Seems like, guys at bugtraq tested
| it............ and found both of the issues to be
| true; BUT engineers at symantic still have hard TIME
| accepting the ISSUE???!
| they couldn't reproduce the exploit in their LAB......
| NOW symantec is trying to hide BOTH OF THESE ISSUE; by
| exclaming..... NAV is immune to both of the ISSUE!!!
| Note: [...ASCII Control Character Denial Of Service
| Vulnerability] ONLY works when you have... Nested file
| with special ASCII char. as filename if placed inside
| a specially crafted directories... with special ASCII
| char. as folder-NAME....
| [the folder should contain.... some files and folders
| with LONG [>8 char.] file names
| say: " [some name] [special ASCII] ! [some special
| char*] ... lame " file /folder NAME!!!
| bipin gautam
| Do you Yahoo!?
| Yahoo! Mail - More reliable, more storage, less spam
| Full-Disclosure - We believe in it.
| Charter: http://lists.netsys.com/full-disclosure-charter.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.