Norton AntiVirus Scanner Remote Denial Of Service Vulnerability

Discussion in 'Windows Desktop Systems' started by tdinc, Jul 10, 2004.

  1. tdinc

    tdinc █▄█ ▀█▄ █ Political User

    Sterling Heights, MICHIGAN
    Anti-Virus Scanner Remote Denial Of Service

    Symantec Norton AntiVirus 2003 Professional Edition
    Symantec Norton AntiVirus 2002

    *not vulnerable
    Mcafee 7*
    Mcafee 8*

    Risk Impact: Medium
    Remote: yes

    While having a virus scan [automatic/manual] of some
    specially crafted compressed files; NAV triggers a DoS
    using 100% CPU for a very long time. Morover, NAV is
    unable to stop the scan in middle, even if the user
    wishes to manually stop the virus scan. Then, in this
    situation the only alternate is to kill the process.

    contacted SYMANTEC in any of my
    advisories since their "security responce team" is too
    slow to responce any reported incidence. PLEASE:
    ...test this issue with other AV / trojan scanners as
    they might also be vulnerable.