[13042] in bugtraq
Re: Fwd: Norton Email Protection Remote Overflow (Addendum)
daemon@ATHENA.MIT.EDU (Nicholas Brawn)
Tue Dec 21 18:10:31 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.9912211124290.6106-100000@zipperii.zip.com.au>
Date: Tue, 21 Dec 1999 11:33:41 +1100
Reply-To: Nicholas Brawn <ncb@ATTRITION.ORG>
From: Nicholas Brawn <ncb@ATTRITION.ORG>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <4.2.0.58.19991221103546.009e3f00@192.168.0.1>
I would like to add that Symantec has been notified by myself, and should
already have been aware of an issue due to another Bugtraq post on POProxy
and the potential for a DoS attack.
Cheers,
Nick
> >From: Matt Conover <shok@cannabis.dataforce.net>
> >Subject: Norton Email Protection Remote Overflow (Addendum)
> >X-To: bugtraq@securityfocus.com
> >To: BUGTRAQ@SECURITYFOCUS.COM
> >
> >This was going to be w00giving #11 (w00giving #10 will be posted within
> >the next few days). Anyway, this allows EIP to be overwritten with 265+
> >bytes, which person who posted this vulnerability failed to mention or
> >failed to notice. It's unclear if he labeled it as a DoS because he
> >didn't realize it overwrote EIP or because he was unable to produce an
> >exploit. We have not had a chance to write an exploit and we will also
> >try to do that within the next few days.
> >
> >w00w00 Security Development
> >
> >Title: Buffer Overflow in POProxy (Norton Antivirus 2000)
> >Platforms: Windows 95/98/NT/2000
> >Date: 11th December, 1999
> >Last Updated: n/a
> >Vendor Notified: n/a
> >Author: Nicholas Brawn <ncb@attrition.org>
