CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
89.5%
SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.
Vendor | Product | Version | CPE |
---|---|---|---|
symantec | client_firewall | 5.01 | cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:* |
symantec | client_firewall | 5.1.1 | cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:* |
symantec | client_security | 1.0 | cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:* |
symantec | client_security | 1.1 | cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:* |
symantec | norton_internet_security | 2003 | cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:* |
symantec | norton_internet_security | 2003 | cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:* |
symantec | norton_internet_security | 2004 | cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:* |
symantec | norton_internet_security | 2004 | cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:* |
symantec | norton_personal_firewall | 2003 | cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:* |
symantec | norton_personal_firewall | 2004 | cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:* |
marc.info/?l=bugtraq&m=108275582432246&w=2
securitytracker.com/id?1009379
securitytracker.com/id?1009380
www.eeye.com/html/Research/Upcoming/20040309.html
www.securityfocus.com/bid/9912
www.symantec.com/avcenter/security/Content/2004.04.20.html
exchange.xforce.ibmcloud.com/vulnerabilities/15433
exchange.xforce.ibmcloud.com/vulnerabilities/15936