CVE-2004-0444

Summary

CVE	CVE-2004-0444
State	PUBLISHED
Assigner	mitre
Source Priority	CVE Program / NVD first with legacy fallback
Published	2004-07-07 04:00:00 UTC
Updated	2025-04-03 01:03:51 UTC
Description	Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.

Risk And Classification

Primary CVSS: v2.0 10 from [email protected]

AV:N/AC:L/Au:N/C:C/I:C/A:C

Problem Types: NVD-CWE-Other | n/a

CVSS v2.0 Breakdown

Access Vector

Network

Access Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Symantec	Client Firewall	5.01	All	All	All
Application	Symantec	Client Firewall	5.1.1	All	All	All
Application	Symantec	Client Security	1.0	All	All	All
Application	Symantec	Client Security	1.1	All	All	All
Application	Symantec	Client Security	1.2	All	All	All
Application	Symantec	Client Security	1.3	All	All	All
Application	Symantec	Client Security	1.4	All	All	All
Application	Symantec	Client Security	1.5	All	All	All
Application	Symantec	Client Security	1.6	All	All	All
Application	Symantec	Client Security	1.7	All	All	All
Application	Symantec	Client Security	1.8	All	All	All
Application	Symantec	Client Security	1.9	All	All	All
Application	Symantec	Client Security	2.0	All	All	All
Application	Symantec	Norton Antispam	2004	All	All	All
Application	Symantec	Norton Internet Security	2002	All	All	All
Application	Symantec	Norton Internet Security	2002	All	pro	All
Application	Symantec	Norton Internet Security	2003	All	All	All
Application	Symantec	Norton Internet Security	2003	All	pro	All
Application	Symantec	Norton Internet Security	2004	All	All	All
Application	Symantec	Norton Internet Security	2004	All	pro	All
Application	Symantec	Norton Personal Firewall	2002	All	All	All
Application	Symantec	Norton Personal Firewall	2003	All	All	All
Application	Symantec	Norton Personal Firewall	2004	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

References

Reference	Source	Link	Tags
[Full-Disclosure] EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow	af854a3a-2127-422b-91ae-364da2661108	lists.grok.org.uk
Secunia - Advisories - Symantec Client Firewall Products Multiple Vulnerabilities	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Norton AntiSpam SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
www.osvdb.org/6102	af854a3a-2127-422b-91ae-364da2661108	www.osvdb.org
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
Symantec Client Firewall SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
US-CERT Vulnerability Note VU#634414	af854a3a-2127-422b-91ae-364da2661108	www.kb.cert.org	Patch, Third Party Advisory, US Government Resource
Symantec Client Firewall Remote Access and Denial of Service Issues	af854a3a-2127-422b-91ae-364da2661108	securityresponse.symantec.com
Symantec Client Firewall NetBIOS Handler Remote Heap Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
Symantec Client Firewall NetBIOS Name Service Response Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
O-141: Symantec Client Firewall Remote Access Vulnerabilities	af854a3a-2127-422b-91ae-364da2661108	www.ciac.org
[Full-Disclosure] EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow	af854a3a-2127-422b-91ae-364da2661108	lists.grok.org.uk
US-CERT Vulnerability Note VU#637318	af854a3a-2127-422b-91ae-364da2661108	www.kb.cert.org	US Government Resource
www.osvdb.org/6099	af854a3a-2127-422b-91ae-364da2661108	www.osvdb.org
www.osvdb.org/6101	af854a3a-2127-422b-91ae-364da2661108	www.osvdb.org
[Full-Disclosure] EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption	af854a3a-2127-422b-91ae-364da2661108	lists.grok.org.uk
Symantec Client Security SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
Symantec Client Firewall DNS Response Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
US-CERT Vulnerability Note VU#294998	af854a3a-2127-422b-91ae-364da2661108	www.kb.cert.org	Patch, Third Party Advisory, US Government Resource
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.