[13013] in bugtraq
Fw: NAV2000 Email Protection DoS
daemon@ATHENA.MIT.EDU (Bohemian)
Mon Dec 20 11:01:26 1999
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <001a01bf48fc$6e7e6980$2c44cea7@optonline.net>
Date: Fri, 17 Dec 1999 21:06:00 -0500
Reply-To: Bohemian <bohemian@OPTONLINE.NET>
From: Bohemian <bohemian@OPTONLINE.NET>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
I couldn't recreate this on my machine which is running Norton 2000. It's
running a pop server on port 110 but any invalid input, like the one
suggested below, causes immediate disconnection from the host. I just D/Led
a software update for it, so maybe it was fixed.
MrBohemian
MCP
----- Original Message -----
From: <kyle@RAGEOUT.ORG>
To: <BUGTRAQ@SECURITYFOCUS.COM>
Sent: Friday, December 17, 1999 11:34 AM
Subject: NAV2000 Email Protection DoS
> Hello, I just found somewhat of a problem in Symantec's Email protection
> in NAV2000.
>
> The Protection program leaves a pop server running on the local
> workstation NAV2000 is installed on.. This server can be crashed somewhat
> like this
> telnet 1.1.1.1
> USER (over 1200 char)
>
> Then, GPF in windows98
> POPROXY caused an invalid page fault in
> module <unknown> at 0000:31393837.
> Registers:
> EAX=02bcfcbc CS=017f EIP=31393837 EFLGS=00010246
> EBX=02bcfcbc SS=0187 ESP=02ad001c EBP=02ad003c
> ECX=02ad00c0 DS=0187 ESI=817538c0 FS=4fbf
> EDX=bff76855 ES=0187 EDI=02ad00e8 GS=0000
> Bytes at CS:EIP:
>
> Stack dump:
> bff76849 02ad00e8 02bcfcbc 02ad0104 02ad00c0 02ad01f4 bff76855 02bcfcbc
> 02ad00d0 bff87fe9 02ad00e8 02bcfcbc 02ad0104 02ad00c0 31393837 02ad02ac
>
> In the time after the crash user must reboot to regain email function on
> Workstation
>
>
> This as been tested on 3 Machines Win98 SE Win95 rev B and Win95 rev C
>
