CVE-2004-0375

Symantec Client Firewall Products 5 - 'SYMNDIS.SYS' Driver Remote Denial of Service

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.

SIMNDIS.SYS en Symantec Norton Internet Securiy 2003 y 2004, Norton Personal Firewall 2003 y 2004, Client Firewall 5.01 y 5.1.1, y Client Security 1.0 y 1.1 permite a atacantes remotos causar una denegación de servicio (bucle infinito) mediante un paquete TCP con (1) opción SACK o (2) opción Suma de Comprobación de Datos Alternativa seguida por una longitud cero.

eEye Digital Security has discovered a severe denial of service vulnerability in the Symantec Client Firewall products for Windows. The vulnerability allows a remote attacker to reliably render a system inoperative with one single packet. Physical access is required in order to bring an affected system out of this "frozen" state. This specific flaw exists within the component that performs low level processing of TCP packets.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2004-03-29 CVE Reserved
2004-04-28 CVE Published
2013-01-09 First Exploit
2024-08-08 CVE Updated
2025-07-13 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CAPEC

References (9)

URL	Tag	Source
http://marc.info/?l=bugtraq&m=108275582432246&w=2	Mailing List
http://securitytracker.com/id?1009379	Vdb Entry
http://securitytracker.com/id?1009380	Vdb Entry
http://www.eeye.com/html/Research/Upcoming/20040309.html	X_refsource_misc
http://www.symantec.com/avcenter/security/Content/2004.04.20.html	X_refsource_confirm
https://exchange.xforce.ibmcloud.com/vulnerabilities/15433	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/15936	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/23846	2013-01-09
http://www.securityfocus.com/bid/9912	2024-08-08

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Symantec Search vendor "Symantec"		Client Firewall Search vendor "Symantec" for product "Client Firewall"				5.01 Search vendor "Symantec" for product "Client Firewall" and version "5.01"		-		Affected
Symantec Search vendor "Symantec"		Client Firewall Search vendor "Symantec" for product "Client Firewall"				5.1.1 Search vendor "Symantec" for product "Client Firewall" and version "5.1.1"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				1.0 Search vendor "Symantec" for product "Client Security" and version "1.0"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				1.1 Search vendor "Symantec" for product "Client Security" and version "1.1"		-		Affected
Symantec Search vendor "Symantec"		Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security"				2003 Search vendor "Symantec" for product "Norton Internet Security" and version "2003"		-		Affected
Symantec Search vendor "Symantec"		Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security"				2003 Search vendor "Symantec" for product "Norton Internet Security" and version "2003"		pro		Affected
Symantec Search vendor "Symantec"		Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security"				2004 Search vendor "Symantec" for product "Norton Internet Security" and version "2004"		-		Affected
Symantec Search vendor "Symantec"		Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security"				2004 Search vendor "Symantec" for product "Norton Internet Security" and version "2004"		pro		Affected
Symantec Search vendor "Symantec"		Norton Personal Firewall Search vendor "Symantec" for product "Norton Personal Firewall"				2003 Search vendor "Symantec" for product "Norton Personal Firewall" and version "2003"		-		Affected
Symantec Search vendor "Symantec"		Norton Personal Firewall Search vendor "Symantec" for product "Norton Personal Firewall"				2004 Search vendor "Symantec" for product "Norton Personal Firewall" and version "2004"		-		Affected