CVE-2004-0375

Description

SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.

Affected Software
References

Software	From	Fixed in
symantec / norton_personal_firewall	2003	2003.x
symantec / norton_personal_firewall	2004	2004.x
symantec / norton_internet_security	2003	2003.x
symantec / norton_internet_security	2004	2004.x
symantec / client_firewall	5.01	5.01.x
symantec / client_firewall	5.1.1	5.1.1.x
symantec / client_security	1.0	1.0.x
symantec / client_security	1.1	1.1.x

http://marc.info/?l=bugtraq&m=108275582432246&w=2
http://securitytracker.com/id?1009379
http://securitytracker.com/id?1009380
http://www.eeye.com/html/Research/Upcoming/20040309.html
http://www.securityfocus.com/bid/9912
http://www.symantec.com/avcenter/security/Content/2004.04.20.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/15433
https://exchange.xforce.ibmcloud.com/vulnerabilities/15936

Severity: Medium

CVE: CVE-2004-0375
Published: Aug 18, 2004
Updated: Apr 13, 2023
Exploit:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CVE-2004-0375

Description

Details

CVSS v2