Re: [Full-Disclosure] Norton AntiVirus Scanner Remote Denial Of ServiceVulnerability [Part: !!!]

[Matt Cuttler <mcuttler@xxxxxxx>]

clamav has options such as:
--max-files --max-space --max-recursion and --max-ratio
..which will protect against these types of DOS attacks.

-Matt Cuttler



Richard Massa wrote:

> exploit does not crash SAV corporate edition 8.1.1.319, Scan engine 4.2.0.7.
> Scan of file completes successfully.
>
> On Fri, Jul 09, 2004 at 08:55:45PM -0700, bipin gautam wrote:
>  
>
> > --- "Peter B. Harvey (Information Security)"
> > <peterharvey@xxxxxxxxxxxxxxxxxxxx> wrote:
> >    
> >
> > > Could you please password protect it and email it to
> > > me. Ill test on Trend Micro.
> > >
> > > Peter
> > >      
> > dust download the file and hit scan, watch out You AV
> > can trigger a DoS autometically.
> >
> > It has been confirmed Norton 2004 uses 100% cpu for a
> > indefinate amount of time. (Tested in 3 Ghz processor)
> >
> > Please read updates in this advisory at:
> >
> > http://www.geocities.com/visitbipin/Nav_dos_part_3.html
> >
> > and test the exploit with some other AV scanners!
> >
> > ------------
> > bipin
> >
> >
> >             
> > __________________________________
> > Do you Yahoo!?
> > Yahoo! Mail - 50x more storage than other providers!
> > http://promotions.yahoo.com/new_mail
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> >    
>
>