Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0445

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2004-0445
Last Modified 10 Sep 2008 03:26:23
Published 07 Jul 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-0445

Summary

The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.

Vulnerable Systems

Application

  • Symantec Client Firewall 5.01

  • Symantec Client Firewall 5.1.1

  • Symantec Client Security 1.0

  • Symantec Client Security 1.1

  • Symantec Client Security 1.2

  • Symantec Client Security 1.3

  • Symantec Client Security 1.4

  • Symantec Client Security 1.5

  • Symantec Client Security 1.6

  • Symantec Client Security 1.7

  • Symantec Client Security 1.8

  • Symantec Client Security 1.9

  • Symantec Client Security 2.0

  • Symantec Norton Antispam 2004

  • Symantec Norton Internet Security 2002

  • Symantec Norton Internet Security 2003

  • Symantec Norton Internet Security 2004

  • Symantec Norton Personal Firewall 2002

  • Symantec Norton Personal Firewall 2003

  • Symantec Norton Personal Firewall 2004


References

CERT-VN - VU#682110

CONFIRM - http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html

XF - symantec-firewall-dns-dos(16132)

BID - 10336

SECUNIA - 11066

FULLDISC - 20040512 EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service

OSVDB - 6100

CIAC - O-141

SECTRACK - 1010146

SECTRACK - 1010145

SECTRACK - 1010144


Last Updated: 27 May 2016 10:38:36