CVE-2004-0375

Symantec Norton Internet Security <2004 - DoS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0375. PoCs published by eEye Digital Security Team.

AI-analyzed exploit summary This is a writeup describing a remote denial of service vulnerability in Symantec Client Firewall. The issue affects TCP packet processing routines, causing system-wide unresponsiveness requiring a hard reset.

Description

SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.

Exploits (1)

exploitdb WRITEUP VERIFIED

by eEye Digital Security Team · textdoswindows

https://www.exploit-db.com/exploits/23846

View Code ZIP pw:eip

This is a writeup describing a remote denial of service vulnerability in Symantec Client Firewall. The issue affects TCP packet processing routines, causing system-wide unresponsiveness requiring a hard reset.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: Symantec Client Firewall

No auth needed

Prerequisites: Network access to the target system

MITRE ATT&CK