In response to the following posting from mreckz....... bugtraq@blue-fer ret.com.au To: bugtraqat_private cc: 05/24/01 06:59 Subject: Nortan Antivirus 2000 Poproxy.exe problem AM Please respond to mreckz Poproxy.exe is the email virus scanner included in Nortan Antivirus 2000 (maybe other versions too). It listens on port 110 and acts as a mail server, retreiving your mail then scanning it, and passing it along to the mail client (i think). While messing around with this i crashed the server by sending it too many characters (269 or more). Once the program crashes the user is unable to receive email until the next reboot (or poproxy.exe is run again) --------------------snip-------------------------------- Reference: Bugtraq ID 2766, Norton Anti-Virus 2000 POProxy.exe Buffer Overflow Vulnerability. This issue is a duplicate of the issue reported 17 Dec, 1999 as Bugtrag ID 877, "Norton Antivirus 2000 POProxy USER Vulnerability". A Symantec NAV patch was issued for BID 877 , available for download from the following location http://service1.symantec.com/SUPPORT/nav.nsf/docid/1999122317000206&src=exp . For maximum effectiveness, the latest updates should always be downloaded and applied to any product. Symantec takes very seriously any security concerns with Symantec products and welcomes the opportunity to work closely with users to address security issues. Thank You, Sym Securityat_private Sym Security's PGP Key is available from certserver.pgp.com and MIT's PGP key server.
This archive was generated by hypermail 2b30 : Mon Jun 04 2001 - 08:30:46 PDT