Description
SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by eEye Digital Security Team · textdoswindows
https://www.exploit-db.com/exploits/23846
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1009379
Third Party Advisory x_refsource_confirm
http://www.symantec.com/avcenter/security/Content/2004.04.20.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1009380
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15433
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15936
Various Sources x_refsource_misc
http://www.eeye.com/html/Research/Upcoming/20040309.html
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108275582432246&w=2
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9912
Scores
EPSS
0.1100
EPSS Percentile
93.5%
Details
Status
published
Products (8)
symantec/client_firewall
5.01
symantec/client_firewall
5.1.1
symantec/client_security
1.0
symantec/client_security
1.1
symantec/norton_internet_security
2003 (2 CPE variants)
symantec/norton_internet_security
2004 (2 CPE variants)
symantec/norton_personal_firewall
2003
symantec/norton_personal_firewall
2004
Published
Aug 18, 2004
Tracked Since
Feb 18, 2026