• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Symantec Norton AntiVirus NULL Characters Incoming Email Protection Bypass Vulnerability

An issue has been discovered which involves Symantec Norton AntiVirus 2002 incoming email scanning protection feature.

It is possible to bypass this protection feature, if an email message is crafted in such a way that NULL characters are inserted into the MIME type before the virus type is defined. Upon receiving an email message crafted as such, Norton AntiVirus 2002 fails to detect the virus.

As a result email messages with malicious content (ie: viruses, trojans etc.) will go undetected and could possibly run on the recipients system.