CVE-2004-0445
Summary
| CVE | CVE-2004-0445 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2004-07-07 04:00:00 UTC |
| Updated | 2017-07-11 01:30:00 UTC |
| Description | The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Symantec | Client Firewall | 5.01 | All | All | All |
| Application | Symantec | Client Firewall | 5.1.1 | All | All | All |
| Application | Symantec | Client Firewall | 5.01 | All | All | All |
| Application | Symantec | Client Firewall | 5.1.1 | All | All | All |
| Application | Symantec | Client Security | 1.0 | All | All | All |
| Application | Symantec | Client Security | 1.1 | All | All | All |
| Application | Symantec | Client Security | 1.2 | All | All | All |
| Application | Symantec | Client Security | 1.3 | All | All | All |
| Application | Symantec | Client Security | 1.4 | All | All | All |
| Application | Symantec | Client Security | 1.5 | All | All | All |
| Application | Symantec | Client Security | 1.6 | All | All | All |
| Application | Symantec | Client Security | 1.7 | All | All | All |
| Application | Symantec | Client Security | 1.8 | All | All | All |
| Application | Symantec | Client Security | 1.9 | All | All | All |
| Application | Symantec | Client Security | 2.0 | All | All | All |
| Application | Symantec | Client Security | 1.0 | All | All | All |
| Application | Symantec | Client Security | 1.1 | All | All | All |
| Application | Symantec | Client Security | 1.2 | All | All | All |
| Application | Symantec | Client Security | 1.3 | All | All | All |
| Application | Symantec | Client Security | 1.4 | All | All | All |
| Application | Symantec | Client Security | 1.5 | All | All | All |
| Application | Symantec | Client Security | 1.6 | All | All | All |
| Application | Symantec | Client Security | 1.7 | All | All | All |
| Application | Symantec | Client Security | 1.8 | All | All | All |
| Application | Symantec | Client Security | 1.9 | All | All | All |
| Application | Symantec | Client Security | 2.0 | All | All | All |
| Application | Symantec | Norton Antispam | 2004 | All | All | All |
| Application | Symantec | Norton Antispam | 2004 | All | All | All |
| Application | Symantec | Norton Internet Security | 2002 | All | All | All |
| Application | Symantec | Norton Internet Security | 2002 | All | pro | All |
| Application | Symantec | Norton Internet Security | 2003 | All | All | All |
| Application | Symantec | Norton Internet Security | 2003 | All | pro | All |
| Application | Symantec | Norton Internet Security | 2004 | All | All | All |
| Application | Symantec | Norton Internet Security | 2004 | All | pro | All |
| Application | Symantec | Norton Internet Security | 2002 | All | All | All |
| Application | Symantec | Norton Internet Security | 2002 | All | pro | All |
| Application | Symantec | Norton Internet Security | 2003 | All | All | All |
| Application | Symantec | Norton Internet Security | 2003 | All | pro | All |
| Application | Symantec | Norton Internet Security | 2004 | All | All | All |
| Application | Symantec | Norton Internet Security | 2004 | All | pro | All |
| Application | Symantec | Norton Personal Firewall | 2002 | All | All | All |
| Application | Symantec | Norton Personal Firewall | 2003 | All | All | All |
| Application | Symantec | Norton Personal Firewall | 2004 | All | All | All |
| Application | Symantec | Norton Personal Firewall | 2002 | All | All | All |
| Application | Symantec | Norton Personal Firewall | 2003 | All | All | All |
| Application | Symantec | Norton Personal Firewall | 2004 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Secunia - Advisories - Symantec Client Firewall Products Multiple Vulnerabilities | SECUNIA | secunia.com | |
| [Full-Disclosure] EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service | FULLDISC | lists.grok.org.uk | |
| US-CERT Vulnerability Note VU#682110 | CERT-VN | www.kb.cert.org | Patch, Third Party Advisory, US Government Resource |
| Symantec Client Firewall Remote DNS Response Denial Of Service Vulnerability | BID | www.securityfocus.com | |
| Symantec Client Firewall SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System - SecurityTracker | SECTRACK | securitytracker.com | |
| O-141: Symantec Client Firewall Remote Access Vulnerabilities | CIAC | www.ciac.org | |
| Symantec Client Security SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System - SecurityTracker | SECTRACK | securitytracker.com | |
| 6100 | OSVDB | www.osvdb.org | |
| Norton AntiSpam SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System - SecurityTracker | SECTRACK | securitytracker.com | |
| Symantec Client Firewall Remote Access and Denial of Service Issues | CONFIRM | securityresponse.symantec.com | Patch, Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.