CVE-2004-0375

SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.

Published: Aug 18, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-0375
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
symantec / norton_personal_firewall	2003	2003.x
symantec / client_firewall	5.01	5.01.x
symantec / norton_internet_security	2004	2004.x
symantec / norton_internet_security	2003	2003.x
symantec / norton_personal_firewall	2004	2004.x
symantec / client_security	1.1	1.1.x
symantec / client_firewall	5.1.1	5.1.1.x
symantec / client_security	1.0	1.0.x

http://marc.info/?l=bugtraq&m=108275582432246&w=2
http://securitytracker.com/id?1009379
http://securitytracker.com/id?1009380
http://www.eeye.com/html/Research/Upcoming/20040309.html
http://www.securityfocus.com/bid/9912
http://www.symantec.com/avcenter/security/Content/2004.04.20.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/15433
https://exchange.xforce.ibmcloud.com/vulnerabilities/15936

Vulnerability Database

289,782

CVE-2004-0375