CERTA-2004-AVI-144
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans les solutions de pare-feu de Symantec.
Description
Une vulnérabilité a été découverte dans la mise en œuvre du pilote
SYMNDIS.SYS lors du traitement des options d'un paquet TCP. L'envoi
d'un paquet TCP judicieusement formé par un individu mal intentionné
permet d'effectuer un déni de service sur le système affecté.
Solution
Appliquer les correctifs fournis par l'éditeur (se référer au bulletin de sécurité #SYM004-007 de Symantec).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Symantec Norton Personnal Firewall 2003, 2004 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Syamntec Client Security 1.0 et 1.1.",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Client Firewall 5.01, 5.1.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Norton Internet Security and Professional 2003, 2004 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans la mise en \u0153uvre du pilote\n`SYMNDIS.SYS` lors du traitement des options d\u0027un paquet TCP. L\u0027envoi\nd\u0027un paquet TCP judicieusement form\u00e9 par un individu mal intentionn\u00e9\npermet d\u0027effectuer un d\u00e9ni de service sur le syst\u00e8me affect\u00e9.\n\n## Solution\n\nAppliquer les correctifs fournis par l\u0027\u00e9diteur (se r\u00e9f\u00e9rer au bulletin\nde s\u00e9curit\u00e9 \\#SYM004-007 de Symantec).\n",
"cves": [],
"initial_release_date": "2004-04-27T00:00:00",
"last_revision_date": "2004-04-27T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 #AD20040423 d\u0027eEye :",
"url": "http://www.eeye.com/html/Research/Advisories/AD20040423.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 #SYM-04-007 de Symantec :",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.04.20.html"
}
],
"reference": "CERTA-2004-AVI-144",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2004-04-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les solutions de pare-feu de\nSymantec.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les solutions de pare-feu Symantec",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 #SYM04-007 de Symantec",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…