Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Security App Flaws :: win5207.htm

Norton Antivirus content filtering bypasses using capitalized letters



25th Mar 2002 [SBWID-5207]
COMMAND

	Norton Anti-Virus content filtering bypasses using capitalized letters

SYSTEMS AFFECTED

	NAV ??

PROBLEM

	In 3APA3A white paper on content filtering weakness in  common  software
	[http://www.security.nnov.ru/advisories/content.asp] :
	

	Most MUAs ignore case of Content-Type  and  Content-Disposition  headres
	while content filtering software may behave in different way.  It  makes
	it possible to bypass content-filtering software by using header like
	

	          CONTENT-type: text/plain;

	                NAme=\\\"eicar.com\\\"

	

SOLUTION

	Patch ??


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH