Symantec Client Firewall Products SYMNDIS.SYS Driver Remote Denial Of Service Vulnerability
BID:9912
Info
Symantec Client Firewall Products SYMNDIS.SYS Driver Remote Denial Of Service Vulnerability
| Bugtraq ID: | 9912 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2004-0375 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 18 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | This issue was discovered by eEye Digital Security. |
| Vulnerable: |
Symantec Norton Personal Firewall 2004 Symantec Norton Personal Firewall 2003 Symantec Norton Internet Security 2004 Professional Edition Symantec Norton Internet Security 2004 Symantec Norton Internet Security 2003 Professional Edition Symantec Norton Internet Security 2003 Symantec Client Security 1.1 Symantec Client Security 1.0 Symantec Client Firewall 5.1.1 Symantec Client Firewall 5.0 1 |
| Not Vulnerable: | |
Discussion
Symantec Client Firewall Products SYMNDIS.SYS Driver Remote Denial Of Service Vulnerability
Symantec Client Firewall has been reported to be prone to a remote denial of service vulnerability. The issue is reported to present itself in the TCP packet processing routines of the affected software.
It is reported that this vulnerability will have a system wide impact, causing Windows GUI and peripherals that are attached to the host to become unresponsive. A hard reset is reported to be required to restore normal functionality to the system.
The information in this BID was consolidated from BID 10204 as both of these BIDs represented the same issue. BID 10204 is being retired.
Symantec Client Firewall has been reported to be prone to a remote denial of service vulnerability. The issue is reported to present itself in the TCP packet processing routines of the affected software.
It is reported that this vulnerability will have a system wide impact, causing Windows GUI and peripherals that are attached to the host to become unresponsive. A hard reset is reported to be required to restore normal functionality to the system.
The information in this BID was consolidated from BID 10204 as both of these BIDs represented the same issue. BID 10204 is being retired.
Exploit / POC
Symantec Client Firewall Products SYMNDIS.SYS Driver Remote Denial Of Service Vulnerability
The following exploit code has been provided by warlord:
The following exploit code has been provided by warlord:
Solution / Fix
Symantec Client Firewall Products SYMNDIS.SYS Driver Remote Denial Of Service Vulnerability
Solution:
It is reported that a fix for this vulnerability is available through the Symantec LiveUpdate service. Customers are advised to run LiveUpdate to address this issue.
Solution:
It is reported that a fix for this vulnerability is available through the Symantec LiveUpdate service. Customers are advised to run LiveUpdate to address this issue.
References
Symantec Client Firewall Products SYMNDIS.SYS Driver Remote Denial Of Service Vulnerability
References:
References:
- EEYEB-20040309 (eEye Digital Security)
- SYM04-007 Symantec Client Firewall Denial of Service Vulnerability (Symantec)