Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Symantec engineers are half-wit or...?
From: Jimmy Mitchener <jman5000 () pacbell net>
Date: Tue, 16 Mar 2004 23:54:35 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sorry, what was that? I heard somethng about an exploit or two ... and
you not getting credit? Sorry, I couldn't hear between all of the
useless ranting and that goddamn screaming of yours.


bipin gautam wrote:
|       
|       [Note: *I HAVEN'T TESTED BOTH NAV exploits in older
| version's OF NAV* ]
|
|       I reported the "NAV auto protect bypass" exploit
| [http://www.securityfocus.com/bid/9814] to symantec
| more than a year ago. They replied me; "they are
| testing the issue..." then i got NO responce from
| symantec. May-be they put a silent fix... cauz the
| exploit doesn't work for NAV 2003! But this exploit
| still works on NAV 2002! [last tested : Feb. 2004 ] I
| did posted this exploit in several discussion fourms;
| SINCE then people have been successfully pissing NAV
| 2002.
|
| Then, Just after 6 months of releasing the "NAV auto
| protect bypass" exploit.... This time i didn't
| reported this bug FORMALLY to symantec; instead JUST
| reported this issue to some discussion forms cauz NAV
| ignored my LAST advisory nor.... gave me any short of
| credit............. INSTEAD put a silent FIX in its
| PRODUCT!???
|
| In  "NAV manual scan BYPASS..." exploit....  i
| discoverd; a nested file [ virus/trojan] with special
| ASCII char. as filename if placed inside a specially
| crafted directories... with special ASCII char. as
| folder-NAME....then...... If we have a manual scan of
| the directory........ either NAV crashes or! it goes
| on scanning the same directory again and again
| REPETEDLY to an infinite LOOP [BOOM DoS!]
|
| But Mark the fact; in every of my advisory I just
| reported; "...Successfully exploiting the bug just
| crashes the NAV front END![manual scan] This exploit
| has no impact on NAV auto protect engine."  [last
| tested on fully patched NAV 2002 : Feb. 2004 ]
|
| but!:
|
| If you read the advisory in bugtraq: [...ASCII Control
| Character Denial Of Service Vulnerability]
| http://www.securityfocus.com/bid/9811/discussion/
| There is a statememt: 'Although unconfirmed this issue
| may allow a malicious file to go un-scanned, and so
| lead a user into a false sense of security. '
|
| BUGTRAQ guys are talking about DoS etc... too!!! ITS
| TRUE, but......... I never reported that... neither I
| know anyone on the internet that EVER raised the
| issue! Seems like, guys at bugtraq tested
| it............ and found both of the issues to be
| true; BUT engineers at symantic still have hard TIME
| accepting the ISSUE???!
|
| or?
| they couldn't reproduce the exploit in their LAB......
|
| NOW symantec is trying to hide BOTH OF THESE ISSUE; by
| exclaming..... NAV  is immune to both of the ISSUE!!!
|
| Note: [...ASCII Control Character Denial Of Service
| Vulnerability] ONLY works when you have... Nested file
| with special ASCII char. as filename if placed inside
| a specially crafted directories... with special ASCII
| char. as folder-NAME....
|
| [the folder should contain.... some files and folders
| with LONG [>8 char.] file names
|
| say: " [some name] [special ASCII] ! [some special
| char*] ... lame "     file /folder NAME!!!
|
| Ref:
| http://www.geocities.com/visitbipin/nav_bugs.html
| http://www.geocities.com/visitbipin/
|
| -----------------------------------------------------------------
| bipin gautam
|
| __________________________________
| Do you Yahoo!?
| Yahoo! Mail - More reliable, more storage, less spam
| http://mail.yahoo.com
|
| _______________________________________________
| Full-Disclosure - We believe in it.
| Charter: http://lists.netsys.com/full-disclosure-charter.html
|

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFAWAQ7wWNPHBCx0c8RAhVUAJ47nN84VObAkOnV8TH+HXl075zedgCcDd1u
83m14ui9nRnI4nb9gd3l2uc=
=5dDp
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault