Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0444

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0444
Last Modified 10 Sep 2008 03:26:23
Published 07 Jul 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0444

Summary

Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.

Vulnerable Systems

Application

  • Symantec Client Firewall 5.01

  • Symantec Client Firewall 5.1.1

  • Symantec Client Security 1.0

  • Symantec Client Security 1.1

  • Symantec Client Security 1.2

  • Symantec Client Security 1.3

  • Symantec Client Security 1.4

  • Symantec Client Security 1.5

  • Symantec Client Security 1.6

  • Symantec Client Security 1.7

  • Symantec Client Security 1.8

  • Symantec Client Security 1.9

  • Symantec Client Security 2.0

  • Symantec Norton Antispam 2004

  • Symantec Norton Internet Security 2002

  • Symantec Norton Internet Security 2003

  • Symantec Norton Internet Security 2004

  • Symantec Norton Personal Firewall 2002

  • Symantec Norton Personal Firewall 2003

  • Symantec Norton Personal Firewall 2004


References

CERT-VN - VU#634414

CERT-VN - VU#294998

CERT-VN - VU#637318

BID - 10335

BID - 10334

BID - 10333

CONFIRM - http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html

SECUNIA - 11066

FULLDISC - 20040512 EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption

FULLDISC - 20040512 EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow

FULLDISC - 20040512 EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow

XF - symantec-dns-response-bo(16137)

XF - symantec-firewalls-nbns-bo(16135)

XF - symantec-nbns-response-bo(16134)

OSVDB - 6102

OSVDB - 6101

OSVDB - 6099

CIAC - O-141

SECTRACK - 1010146

SECTRACK - 1010145

SECTRACK - 1010144


Last Updated: 27 May 2016 10:38:36