sic
2004-03-10, 06:47 PM
http://securitytracker.com/alerts/2004/Mar/1009333.html
Symantec's Norton Anti-Virus Fails to Scan Files With Certain Characters in Path Names
SecurityTracker Alert ID: 1009333
CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)
Date: Mar 5 2004
Impact: Denial of service via local system
Exploit Included: Yes
Version(s): 2002; version 8.00.58; possibly others
Description: A vulnerability was reported in Symantec's Norton Anti-Virus. A local user or a virus may create a file or directory that cannot be scanned by the anti-virus engine.
Bipin Gautam ( hUNT3R ) reported that the software will crash when performing a manual scan of a file or folder with a name containing certain ASCII characters. The report indicates that ASCII characters 1 - 31 can be used in a folder or filename to trigger the flaw. For example, a folder named '!' can be used. When Norton Anti-Virus attempts to scan the folder manually, 'NAVW32.exe' will crash, the report said.
The Auto-Protect feature is not affected, the report said.
A demonstration exploit is available at:
http://www.geocities.com/visitbipin/t est_nav.zip
Impact: A local user (or virus code) can create a file with a particular type of file path name that will not be scanned manually by the anti-virus scanning engine.
Solution: No solution was available at the time of this entry.
Vendor URL: www.symantec.com/ (Links to External Site)
Cause: State error
Underlying OS: Windows (Any)
Reported By: "Bipin Gautam." <[email protected]>
Message History: None.
Symantec's Norton Anti-Virus Fails to Scan Files With Certain Characters in Path Names
SecurityTracker Alert ID: 1009333
CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)
Date: Mar 5 2004
Impact: Denial of service via local system
Exploit Included: Yes
Version(s): 2002; version 8.00.58; possibly others
Description: A vulnerability was reported in Symantec's Norton Anti-Virus. A local user or a virus may create a file or directory that cannot be scanned by the anti-virus engine.
Bipin Gautam ( hUNT3R ) reported that the software will crash when performing a manual scan of a file or folder with a name containing certain ASCII characters. The report indicates that ASCII characters 1 - 31 can be used in a folder or filename to trigger the flaw. For example, a folder named '!' can be used. When Norton Anti-Virus attempts to scan the folder manually, 'NAVW32.exe' will crash, the report said.
The Auto-Protect feature is not affected, the report said.
A demonstration exploit is available at:
http://www.geocities.com/visitbipin/t est_nav.zip
Impact: A local user (or virus code) can create a file with a particular type of file path name that will not be scanned manually by the anti-virus scanning engine.
Solution: No solution was available at the time of this entry.
Vendor URL: www.symantec.com/ (Links to External Site)
Cause: State error
Underlying OS: Windows (Any)
Reported By: "Bipin Gautam." <[email protected]>
Message History: None.