1. CVE-Search
  2. CVE-2004-0375
ID CVE-2004-0375
Summary SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-07-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 9912
bugtraq 20040423 EEYE: Symantec Multiple Firewall TCP Options Denial of Service
confirm http://www.symantec.com/avcenter/security/Content/2004.04.20.html
misc http://www.eeye.com/html/Research/Upcoming/20040309.html
sectrack
  • 1009379
  • 1009380
xf
  • norton-firewalls-dos(15433)
  • symantec-firewall-tcp-dos(15936)
Last major update 11-07-2017 - 01:30
Published 18-08-2004 - 04:00
Last modified 11-07-2017 - 01:30
Back to Top