Vulnerability Name:

CVE-2004-0375 (CCN-15936)

Assigned:2004-04-20
Published:2004-04-20
Updated:2017-07-11
Summary:SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: Full-Disclosure Mailing List, Fri Apr 23 2004 - 13:36:05 CDT
EEYE: Symantec Multiple Firewall TCP Options Denial of Service

Source: MITRE
Type: CNA
CVE-2004-0375

Source: BUGTRAQ
Type: UNKNOWN
20040423 EEYE: Symantec Multiple Firewall TCP Options Denial of Service

Source: CCN
Type: SECTRACK ID: 1009379
Symantec Norton Personal Firewall SYMNDIS.SYS TCP Options Parsing Flaw Lets Remote Users Deny Service

Source: SECTRACK
Type: UNKNOWN
1009379

Source: CCN
Type: SECTRACK ID: 1009380
Symantec Norton Internet Security SYMNDIS.SYS TCP Options Parsing Flaw Lets Remote Users Deny Service

Source: SECTRACK
Type: UNKNOWN
1009380

Source: MISC
Type: UNKNOWN
http://www.eeye.com/html/Research/Upcoming/20040309.html

Source: CCN
Type: OSVDB ID: 5596
Symantec Multiple Products Malformed TCP Packet DoS

Source: CCN
Type: Symantec Security Response SYM04-007
Symantec Client Firewall Denial of Service Vulnerability

Source: CCN
Type: BID-10204
Symantec Client Firewall SYMNDIS.SYS Driver Remote Denial Of Service Vulnerability

Source: BID
Type: Exploit, Vendor Advisory
9912

Source: CCN
Type: BID-9912
Symantec Client Firewall Products SYMNDIS.SYS Driver Remote Denial Of Service Vulnerability

Source: CONFIRM
Type: UNKNOWN
http://www.symantec.com/avcenter/security/Content/2004.04.20.html

Source: XF
Type: UNKNOWN
norton-firewalls-dos(15433)

Source: XF
Type: UNKNOWN
symantec-firewall-tcp-dos(15936)

Source: XF
Type: UNKNOWN
symantec-firewall-tcp-dos(15936)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
  • AND
  • cpe:/a:symantec:client_security:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    symantec client firewall 5.01
    symantec client firewall 5.1.1
    symantec client security 1.0
    symantec client security 1.1
    symantec norton internet security 2003
    symantec norton internet security 2003
    symantec norton internet security 2004
    symantec norton internet security 2004
    symantec norton personal firewall 2003
    symantec norton personal firewall 2004
    symantec norton internet security 2003
    symantec norton personal firewall 2003
    symantec norton internet security 2004
    symantec norton personal firewall 2004
    symantec client security 1.0
    symantec client firewall 5.01
    symantec client security 1.1
    symantec client firewall 5.1.1