CVE-2004-0375
Summary
| CVE | CVE-2004-0375 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2004-08-18 04:00:00 UTC |
| Updated | 2017-07-11 01:30:00 UTC |
| Description | SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Symantec | Client Firewall | 5.01 | All | All | All |
| Application | Symantec | Client Firewall | 5.1.1 | All | All | All |
| Application | Symantec | Client Firewall | 5.01 | All | All | All |
| Application | Symantec | Client Firewall | 5.1.1 | All | All | All |
| Application | Symantec | Client Security | 1.0 | All | All | All |
| Application | Symantec | Client Security | 1.1 | All | All | All |
| Application | Symantec | Client Security | 1.0 | All | All | All |
| Application | Symantec | Client Security | 1.1 | All | All | All |
| Application | Symantec | Norton Internet Security | 2003 | All | All | All |
| Application | Symantec | Norton Internet Security | 2003 | All | pro | All |
| Application | Symantec | Norton Internet Security | 2004 | All | All | All |
| Application | Symantec | Norton Internet Security | 2004 | All | pro | All |
| Application | Symantec | Norton Internet Security | 2003 | All | All | All |
| Application | Symantec | Norton Internet Security | 2003 | All | pro | All |
| Application | Symantec | Norton Internet Security | 2004 | All | All | All |
| Application | Symantec | Norton Internet Security | 2004 | All | pro | All |
| Application | Symantec | Norton Personal Firewall | 2003 | All | All | All |
| Application | Symantec | Norton Personal Firewall | 2004 | All | All | All |
| Application | Symantec | Norton Personal Firewall | 2003 | All | All | All |
| Application | Symantec | Norton Personal Firewall | 2004 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| eEye Digital Security - Vulnerability Management Solutions | MISC | www.eeye.com | |
| Symantec Client Firewall Denial of Service Vulnerability | CONFIRM | www.symantec.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Symantec Norton Personal Firewall SYMNDIS.SYS TCP Options Parsing Flaw Lets Remote Users Deny Service - SecurityTracker | SECTRACK | securitytracker.com | |
| 'EEYE: Symantec Multiple Firewall TCP Options Denial of Service' - MARC | BUGTRAQ | marc.info | |
| Symantec Client Firewall Products SYMNDIS.SYS Driver Remote Denial Of Service Vulnerability | BID | www.securityfocus.com | Exploit, Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Symantec Norton Internet Security SYMNDIS.SYS TCP Options Parsing Flaw Lets Remote Users Deny Service - SecurityTracker | SECTRACK | securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.