CVE-2002-2206 - The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial o

CVE-2002-2206

Summary

The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries.

References

http://archives.neohapsis.com/archives/bugtraq/2002-09/0240.html
http://www.iss.net/security_center/static/10085.php
http://www.securityfocus.com/archive/1/291358
http://www.securityfocus.com/bid/5692

Vulnerable Configurations

cpe:2.3:a:symantec:norton_antivirus:2001:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2001:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 05-09-2008 - 20:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	5692
bugtraq	20020911 Norton AntiVirus 2001 POP3 Proxy local DoS 20020919 http://online.securityfocus.com/archive/1/291358/2002-09-08/2002-09-14/0, Subj: Norton AintiVirus 2001 POPROXY DoS
xf	nav-poproxy-username-dos(10085)

Last major update

05-09-2008 - 20:32

Published

31-12-2002 - 05:00

Last modified

05-09-2008 - 20:32