CERTA-2004-AVI-144
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans les solutions de pare-feu de Symantec.
Description
Une vulnérabilité a été découverte dans la mise en œuvre du pilote
SYMNDIS.SYS lors du traitement des options d'un paquet TCP. L'envoi
d'un paquet TCP judicieusement formé par un individu mal intentionné
permet d'effectuer un déni de service sur le système affecté.
Solution
Appliquer les correctifs fournis par l'éditeur (se référer au bulletin de sécurité #SYM004-007 de Symantec).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Symantec Norton Personnal Firewall 2003, 2004 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Syamntec Client Security 1.0 et 1.1.",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Client Firewall 5.01, 5.1.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Norton Internet Security and Professional 2003, 2004 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans la mise en \u0153uvre du pilote\n`SYMNDIS.SYS` lors du traitement des options d\u0027un paquet TCP. L\u0027envoi\nd\u0027un paquet TCP judicieusement form\u00e9 par un individu mal intentionn\u00e9\npermet d\u0027effectuer un d\u00e9ni de service sur le syst\u00e8me affect\u00e9.\n\n## Solution\n\nAppliquer les correctifs fournis par l\u0027\u00e9diteur (se r\u00e9f\u00e9rer au bulletin\nde s\u00e9curit\u00e9 \\#SYM004-007 de Symantec).\n",
"cves": [],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 #AD20040423 d\u0027eEye :",
"url": "http://www.eeye.com/html/Research/Advisories/AD20040423.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 #SYM-04-007 de Symantec :",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.04.20.html"
}
],
"reference": "CERTA-2004-AVI-144",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2004-04-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les solutions de pare-feu de\nSymantec.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les solutions de pare-feu Symantec",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 #SYM04-007 de Symantec",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…