Lucene search

MitreCVE-2004-0375

HistoryAug 18, 2004 - 4:00 a.m.

CVE-2004-0375

2004-08-1804:00:00

mitre

web.nvd.nist.gov

symantec

norton

internet security

nis

firewall

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.022

Percentile

89.5%

JSON

SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.

Affected configurations

Nvd

Node

symantecclient_firewallMatch5.01

symantecclient_firewallMatch5.1.1

symantecclient_securityMatch1.0

symantecclient_securityMatch1.1

symantecnorton_internet_securityMatch2003

symantecnorton_internet_securityMatch2003pro

symantecnorton_internet_securityMatch2004

symantecnorton_internet_securityMatch2004pro

symantecnorton_personal_firewallMatch2003

symantecnorton_personal_firewallMatch2004

VendorProductVersionCPE
symantecclient_firewall5.01cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
symantecclient_firewall5.1.1cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*
symantecclient_security1.0cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
symantecclient_security1.1cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
symantecnorton_internet_security2003cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
symantecnorton_internet_security2003cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*
symantecnorton_internet_security2004cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
symantecnorton_internet_security2004cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*
symantecnorton_personal_firewall2003cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
symantecnorton_personal_firewall2004cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	client_firewall	5.01	cpe:2.3:a:symantec:client_firewall:5.01:::::::*
symantec	client_firewall	5.1.1	cpe:2.3:a:symantec:client_firewall:5.1.1:::::::*
symantec	client_security	1.0	cpe:2.3:a:symantec:client_security:1.0:::::::*
symantec	client_security	1.1	cpe:2.3:a:symantec:client_security:1.1:::::::*
symantec	norton_internet_security	2003	cpe:2.3:a:symantec:norton_internet_security:2003:::::::*
symantec	norton_internet_security	2003	cpe:2.3:a:symantec:norton_internet_security:2003::pro:::::
symantec	norton_internet_security	2004	cpe:2.3:a:symantec:norton_internet_security:2004:::::::*
symantec	norton_internet_security	2004	cpe:2.3:a:symantec:norton_internet_security:2004::pro:::::
symantec	norton_personal_firewall	2003	cpe:2.3:a:symantec:norton_personal_firewall:2003:::::::*
symantec	norton_personal_firewall	2004	cpe:2.3:a:symantec:norton_personal_firewall:2004:::::::*

References

marc.info/?l=bugtraq&m=108275582432246&w=2

securitytracker.com/id?1009379

securitytracker.com/id?1009380

www.eeye.com/html/Research/Upcoming/20040309.html

www.securityfocus.com/bid/9912

www.symantec.com/avcenter/security/Content/2004.04.20.html

exchange.xforce.ibmcloud.com/vulnerabilities/15433

exchange.xforce.ibmcloud.com/vulnerabilities/15936

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.022

Percentile

89.5%

JSON

Related for CVE-2004-0375