eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in the Symantec firewall product line that would allow a remote, anonymous attacker to execute arbitrary code on a system running an affected version of the product. By sending a single specially-crafted NetBIOS Name Service (UDP port 137) packet to a vulnerable host, an attacker could cause an arbitrary memory location to be overwritten with data he or she controls, leading to the execution of attacker-supplied code with kernel privileges and the absolute compromise of the target. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
8b0422b0cf3e0350cabdd99e47019446ad294a418bd75076bbf3b6a8ddc52f6f
eEye Security Advisory - eEye Digital Security has discovered a second vulnerability in the Symantec firewall product line that can be remotely exploited to cause a severe denial-of-service condition on systems running a default installation of an affected version of the product. By sending a single malicious DNS (UDP port 53) response packet to a vulnerable host, an attacker can cause the Symantec DNS response validation code to enter an infinite loop within the kernel, amounting to a system freeze that requires the machine to be physically rebooted in order to restore operation. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
9586423e4a36c89f9ed7bf1939b4d9b4bc57ec4d8c57dca66ad3372b2230d08b