Symantec Client Firewall Denial of Service Vulnerability

[SDK]

eEye Digital Security notified Symantec of a Denial of Service vulnerability they found during product testing against Symantec's client firewall applications. By directing a specifically formatted TCP attack against a target system running a vulnerable Symantec application, an attacker can cause a complete system halt. As a result, the targeted system would require a system reboot to clear the problem.

Affected Components
- Norton Internet Security 2003
- Norton Internet Security 2004
- Norton Internet Security Professional 2003
- Norton Internet Security Professional 2004
- Norton Personal Firewall 2003
- Norton Personal Firewall 2004
- Client Firewall 5.01, 5.1.1
- Client Security 1.0

Run your LiveUpdate guy!

Source: http://securityresponse.symantec.com...004.04.20.html

[jinxy]

Glad i havn't upgrade my firewall from 2002 now. Thanks for the heads up SDK.

[KorpDeath]

All the major brands of software firewalls have DoS issues. From ZA to McAfee to Norton (I mean Symantec), always have and always will.

But a system halt isn't all bad compared to the firewall crashing open, I've tested a few firewalls that do just that. Quite scary that the quality assurance guys at those companies get paid money for that amount of shoddy work.

[!mitationRust]

Originally posted here by KorpDeath
All the major brands of software firewalls have DoS issues. From ZA to McAfee to Norton (I mean Symantec), always have and always will.

But a system halt isn't all bad compared to the firewall crashing open, I've tested a few firewalls that do just that. Quite scary that the quality assurance guys at those companies get paid money for that amount of shoddy work.

Yeah, my uncle writes software/contracts GOV & private sector, he makes pay in the high $350's and he says there are programmers who make alot more than he does a year. So I could only imagine. " Measure twice code once"