• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Symantec AntiVirus RAR Archive Scan Evasion Denial Of Service Vulnerability

Bugtraq ID:	13416
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Apr 28 2005 12:00AM
Updated:	Apr 28 2005 12:00AM
Credit:	André Jerleke a.k.a. Phiberz <phibers@hotmail.com> is credited with the discovery of this issue.
Vulnerable:	Symantec Web Security 3.0.1 build 3.0.1.72 Symantec SAV/Filter for Domino NT 3.1 build 3.1.1.87 Symantec Norton AntiVirus 2005 11.0 + Symantec Norton Internet Security 2005 11.0 + Symantec Norton Internet Security 2005 + Symantec Norton System Works 2005 11.0 Symantec Mail Security for SMTP 4.0 build 4.0.5.66 Symantec Mail Security for Microsoft Exchange 4.5 build 4.5.4.743 Symantec AntiVirus Scan Engine 4.3 build 4.3.7.27
Not Vulnerable:	Symantec Web Security 3.0.1 build 3.0.1.74 Symantec SAV/Filter for Domino NT 3.1 build 3.1.2.91 Symantec Norton AntiVirus 2005 11.0.9 + Symantec Norton Internet Security 2005 11.0.9 + Symantec Norton Internet Security 2005 + Symantec Norton System Works 2005 11.0.9 + Symantec Norton System Works 2005 Premier Symantec Mail Security for SMTP 4.0 build 4.1.4.30 Symantec Mail Security for Microsoft Exchange 4.6 build 4.6.1.107 Symantec AntiVirus Scan Engine 4.3 build 4.3.8.29