{"api_version":"1","generated_at":"2026-04-23T13:35:05+00:00","cve":"CVE-2004-0444","urls":{"html":"https://cve.report/CVE-2004-0444","api":"https://cve.report/api/cve/CVE-2004-0444.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2004-0444","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2004-0444"},"summary":{"title":"CVE-2004-0444","description":"Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.","state":"PUBLISHED","assigner":"mitre","published_at":"2004-07-07 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html","name":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[Full-Disclosure] EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://secunia.com/advisories/11066","name":"http://secunia.com/advisories/11066","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Symantec Client Firewall Products Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1010146","name":"http://securitytracker.com/id?1010146","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Norton AntiSpam SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.osvdb.org/6102","name":"http://www.osvdb.org/6102","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16134","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16134","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16135","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16135","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1010144","name":"http://securitytracker.com/id?1010144","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Symantec Client Firewall SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16137","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16137","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.kb.cert.org/vuls/id/634414","name":"http://www.kb.cert.org/vuls/id/634414","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"],"title":"US-CERT Vulnerability Note VU#634414","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html","name":"http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Symantec Client Firewall Remote Access and Denial of Service Issues","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/10335","name":"http://www.securityfocus.com/bid/10335","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Symantec Client Firewall NetBIOS Handler Remote Heap Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securityfocus.com/bid/10333","name":"http://www.securityfocus.com/bid/10333","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Symantec Client Firewall NetBIOS Name Service Response Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.ciac.org/ciac/bulletins/o-141.shtml","name":"http://www.ciac.org/ciac/bulletins/o-141.shtml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"O-141: Symantec Client Firewall Remote Access Vulnerabilities","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html","name":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[Full-Disclosure] EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://www.kb.cert.org/vuls/id/637318","name":"http://www.kb.cert.org/vuls/id/637318","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"],"title":"US-CERT Vulnerability Note VU#637318","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.osvdb.org/6099","name":"http://www.osvdb.org/6099","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.osvdb.org/6101","name":"http://www.osvdb.org/6101","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html","name":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[Full-Disclosure] EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://securitytracker.com/id?1010145","name":"http://securitytracker.com/id?1010145","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Symantec Client Security SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/10334","name":"http://www.securityfocus.com/bid/10334","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Symantec Client Firewall DNS Response Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.kb.cert.org/vuls/id/294998","name":"http://www.kb.cert.org/vuls/id/294998","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"],"title":"US-CERT Vulnerability Note VU#294998","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2004-0444","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2004-0444","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_firewall","cpe6":"5.01","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_firewall","cpe6":"5.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antispam","cpe6":"2004","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_internet_security","cpe6":"2002","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_internet_security","cpe6":"2002","cpe7":"*","cpe8":"pro","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_internet_security","cpe6":"2003","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_internet_security","cpe6":"2003","cpe7":"*","cpe8":"pro","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_internet_security","cpe6":"2004","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_internet_security","cpe6":"2004","cpe7":"*","cpe8":"pro","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_personal_firewall","cpe6":"2002","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_personal_firewall","cpe6":"2003","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_personal_firewall","cpe6":"2004","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T00:17:14.967Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"6099","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/6099"},{"name":"VU#634414","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/634414"},{"name":"1010146","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1010146"},{"name":"1010145","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1010145"},{"name":"VU#637318","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/637318"},{"name":"10335","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/10335"},{"name":"O-141","tags":["third-party-advisory","government-resource","x_refsource_CIAC","x_transferred"],"url":"http://www.ciac.org/ciac/bulletins/o-141.shtml"},{"name":"20040512 EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html"},{"name":"VU#294998","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/294998"},{"name":"10333","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/10333"},{"name":"symantec-nbns-response-bo(16134)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16134"},{"name":"20040512 EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html"},{"name":"6101","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/6101"},{"name":"6102","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/6102"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"},{"name":"symantec-dns-response-bo(16137)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16137"},{"name":"1010144","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1010144"},{"name":"20040512 EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html"},{"name":"10334","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/10334"},{"name":"11066","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/11066"},{"name":"symantec-firewalls-nbns-bo(16135)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16135"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2004-05-12T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-10T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"6099","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/6099"},{"name":"VU#634414","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/634414"},{"name":"1010146","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1010146"},{"name":"1010145","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1010145"},{"name":"VU#637318","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/637318"},{"name":"10335","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/10335"},{"name":"O-141","tags":["third-party-advisory","government-resource","x_refsource_CIAC"],"url":"http://www.ciac.org/ciac/bulletins/o-141.shtml"},{"name":"20040512 EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html"},{"name":"VU#294998","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/294998"},{"name":"10333","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/10333"},{"name":"symantec-nbns-response-bo(16134)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16134"},{"name":"20040512 EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html"},{"name":"6101","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/6101"},{"name":"6102","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/6102"},{"tags":["x_refsource_CONFIRM"],"url":"http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"},{"name":"symantec-dns-response-bo(16137)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16137"},{"name":"1010144","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1010144"},{"name":"20040512 EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html"},{"name":"10334","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/10334"},{"name":"11066","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/11066"},{"name":"symantec-firewalls-nbns-bo(16135)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16135"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2004-0444","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"6099","refsource":"OSVDB","url":"http://www.osvdb.org/6099"},{"name":"VU#634414","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/634414"},{"name":"1010146","refsource":"SECTRACK","url":"http://securitytracker.com/id?1010146"},{"name":"1010145","refsource":"SECTRACK","url":"http://securitytracker.com/id?1010145"},{"name":"VU#637318","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/637318"},{"name":"10335","refsource":"BID","url":"http://www.securityfocus.com/bid/10335"},{"name":"O-141","refsource":"CIAC","url":"http://www.ciac.org/ciac/bulletins/o-141.shtml"},{"name":"20040512 EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow","refsource":"FULLDISC","url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html"},{"name":"VU#294998","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/294998"},{"name":"10333","refsource":"BID","url":"http://www.securityfocus.com/bid/10333"},{"name":"symantec-nbns-response-bo(16134)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16134"},{"name":"20040512 EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow","refsource":"FULLDISC","url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html"},{"name":"6101","refsource":"OSVDB","url":"http://www.osvdb.org/6101"},{"name":"6102","refsource":"OSVDB","url":"http://www.osvdb.org/6102"},{"name":"http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html","refsource":"CONFIRM","url":"http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"},{"name":"symantec-dns-response-bo(16137)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16137"},{"name":"1010144","refsource":"SECTRACK","url":"http://securitytracker.com/id?1010144"},{"name":"20040512 EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption","refsource":"FULLDISC","url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html"},{"name":"10334","refsource":"BID","url":"http://www.securityfocus.com/bid/10334"},{"name":"11066","refsource":"SECUNIA","url":"http://secunia.com/advisories/11066"},{"name":"symantec-firewalls-nbns-bo(16135)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16135"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2004-0444","datePublished":"2004-05-20T04:00:00.000Z","dateReserved":"2004-05-04T00:00:00.000Z","dateUpdated":"2024-08-08T00:17:14.967Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2004-07-07 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*","matchCriteriaId":"4AEFBAEB-18D4-4082-9F19-C47113841C89"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*","matchCriteriaId":"6EA9657C-14D2-418A-AABD-96392E87F4B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*","matchCriteriaId":"C1DFD4CB-40A1-4D70-97AC-0941826F28CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*","matchCriteriaId":"7483F6DD-EDC0-497E-A5A9-B186E02CCCEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*","matchCriteriaId":"102D0C6A-31B8-4275-A805-4CA446D1C77F"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*","matchCriteriaId":"EA18147D-E618-4902-8837-5824240DD50E"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*","matchCriteriaId":"75D357CC-EAD0-42E3-B38C-BE2DC44D154E"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*","matchCriteriaId":"201403B4-3B5C-4F77-ADAE-7A553D4D58F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*","matchCriteriaId":"A8D19926-AB65-4C06-8C44-7EA9B070FD1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*","matchCriteriaId":"0F27E94F-F6D6-4C40-878F-BF952658A909"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*","matchCriteriaId":"3AA71038-2D4E-4366-A3D1-AD85251B3E5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*","matchCriteriaId":"CC689F12-84C6-4B52-970F-DAF6B00B4A42"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*","matchCriteriaId":"0DDD0E02-306D-4675-B73A-2C2F619CDDCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*","matchCriteriaId":"EA28BC22-ABF0-4F1E-BA83-85B398775450"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_internet_security:2002:*:*:*:*:*:*:*","matchCriteriaId":"F05FEBA2-33E8-4074-8B57-4FE6FFEF2F32"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_internet_security:2002:*:pro:*:*:*:*:*","matchCriteriaId":"A5FA0458-AB41-495E-B41F-C18B4E6876CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*","matchCriteriaId":"AEF97C5F-3A80-4973-85FD-5BCE43B32AD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*","matchCriteriaId":"1F0BF645-7C56-4ED6-91C0-AE4CFAB62EE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*","matchCriteriaId":"2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*","matchCriteriaId":"D7875372-44D7-47AB-8F8C-4A3AB98FB3B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_personal_firewall:2002:*:*:*:*:*:*:*","matchCriteriaId":"898D5369-E2F3-450C-8554-1C692EAA9906"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*","matchCriteriaId":"74E5CAF7-C305-4FAF-8DA7-627D83F65185"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*","matchCriteriaId":"36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2004","CveId":"444","Ordinal":"1","Title":"CVE-2004-0444","CVE":"CVE-2004-0444","Year":"2004"},"notes":[{"CveYear":"2004","CveId":"444","Ordinal":"1","NoteData":"Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.","Type":"Description","Title":"CVE-2004-0444"},{"CveYear":"2004","CveId":"444","Ordinal":"2","NoteData":"2004-05-20","Type":"Other","Title":"Published"},{"CveYear":"2004","CveId":"444","Ordinal":"3","NoteData":"2017-07-10","Type":"Other","Title":"Modified"}]}}}