CVE-2004-0445

Severity

26%

Complexity

49%

Confidentiality

48%

The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.

The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.

CVSS 2.0 Base Score 2.6. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:N/A:P).

Overview

Type

Symantec Client

First reported 20 years ago

2004-07-07 04:00:00

Last updated 7 years ago

2017-07-11 01:30:00

Affected Software

Symantec Symantec Client Firewall 5.01

5.01

Symantec Symantec Client Firewall 5.1.1

5.1.1

Symantec Symantec Client Security 1.0

1.0

Symantec Client Security 2.0

2.0

References

20040512 EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service

11066

http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html

Patch, Vendor Advisory

1010144

1010145

1010146

O-141

VU#682110

Patch, Third Party Advisory, US Government Resource

6100

10336

symantec-firewall-dns-dos(16132)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.