ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue.
http://www.securityfocus.com/archive/1/295434
http://www.iss.net/security_center/static/10379.php
http://archives.neohapsis.com/archives/bugtraq/2002-10/0238.html