CVE-2002-1911

ZoneAlarm Pro 3.0 and 3.1 - Denial of Service via SYN Flood

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1911. PoCs published by Abraham Lincoln.

AI-analyzed exploit summary This exploit code is a proof-of-concept for a denial-of-service (DoS) vulnerability in ZoneAlarm Pro 3.1 and 3.0. It sends a SYN flood of 300 or more packets to a target host, causing the system to become unstable and unresponsive.

Description

ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Abraham Lincoln · cdoswindows
https://www.exploit-db.com/exploits/21943

This exploit code is a proof-of-concept for a denial-of-service (DoS) vulnerability in ZoneAlarm Pro 3.1 and 3.0. It sends a SYN flood of 300 or more packets to a target host, causing the system to become unstable and unresponsive.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: ZoneAlarm Pro 3.1 and 3.0
No auth needed
Prerequisites: Network access to the target host · Ability to send raw packets
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5975
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-10/0238.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/295434
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10379.php

Scores

EPSS 0.0313
EPSS Percentile 86.2%

Details

Status published
Products (2)
zonelabs/zonealarm 3.0
zonelabs/zonealarm 3.1
Published Dec 31, 2002
Tracked Since Feb 18, 2026