This indicates a possible attempt to exploit a buffer overflow vulnerability in various Symantec Firewall Products.
The vulnerability is a result of insufficient bounds checking of DNS response data. It may be exploited to gain SYSTEM/kernel level access to a computer hosting the vulnerable software.
The source of the vulnerability is that the CNAME (Canonical Name) data field specified in incoming DNS Resource Records is copied into an internal buffer in an insecure manner, resulting in a stack-based buffer overflow.
Symantec Norton Personal Firewall 2004
Symantec Norton Personal Firewall 2003
Symantec Norton Personal Firewall 2002
Symantec Norton Internet Security 2004 Professional Edition
Symantec Norton Internet Security 2004
Symantec Norton Internet Security 2003 Professional Edition
Symantec Norton Internet Security 2003
Symantec Norton Internet Security 2002 Professional Edition 0
Symantec Norton Internet Security 2002 0
Symantec Norton AntiSpam 2004
Symantec Client Security 2.0 (SCF 7.1)
Symantec Client Security 1.1
Symantec Client Security 1.0
Symantec Client Firewall 5.1.1
Symantec Client Firewall 5.0 1
System compromise: remote code execution.
Symantec recommends that clients running corporate versions of the affected products apply patches obtained through their appropriate support channels.