1. CVE-Search
  2. CVE-2004-0445
ID CVE-2004-0445
Summary The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2002:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2002:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2002:*:pro:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2002:*:pro:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_personal_firewall:2002:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_personal_firewall:2002:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
CVSS
Base: 2.6 (as of 11-07-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:N/I:N/A:P
refmap via4
bid 10336
cert-vn VU#682110
ciac O-141
confirm http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html
fulldisc 20040512 EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service
osvdb 6100
sectrack
  • 1010144
  • 1010145
  • 1010146
secunia 11066
xf symantec-firewall-dns-dos(16132)
Last major update 11-07-2017 - 01:30
Published 07-07-2004 - 04:00
Last modified 11-07-2017 - 01:30
Back to Top