Symantec Norton Anti-Virus NAV2000 POProxy USER Command Remote Overflow
Remote / Network Access
Loss of Integrity,
Loss of Availability
A remote overflow exists in POP3 proxy service(POProxy)of Norton Anti-Virus. The POProxy fails to validate the USER command. By sending a username containing more than 264 characters to the USER command to the proxy service, a remote attacker can overflow the buffer and crash the service, resulting in loss of availability.
Currently, there are no known workarounds or upgrades to correct this issue. However, Symantec has released a patch to address this vulnerability.