CVE-2004-0445 - Vulnerability Details

The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Symantec	Client Firewall Client Security Norton Antispam Norton Internet Security Norton Personal Firewall

Configuration 1 [-]

OR	cpe:2.3:a:symantec:client_firewall:5.01:::::::*
	cpe:2.3:a:symantec:client_firewall:5.1.1:::::::*
	cpe:2.3:a:symantec:client_security:1.0:::::::*
	cpe:2.3:a:symantec:client_security:1.1:::::::*
	cpe:2.3:a:symantec:client_security:1.2:::::::*
	cpe:2.3:a:symantec:client_security:1.3:::::::*
	cpe:2.3:a:symantec:client_security:1.4:::::::*
	cpe:2.3:a:symantec:client_security:1.5:::::::*
	cpe:2.3:a:symantec:client_security:1.6:::::::*
	cpe:2.3:a:symantec:client_security:1.7:::::::*
	cpe:2.3:a:symantec:client_security:1.8:::::::*
	cpe:2.3:a:symantec:client_security:1.9:::::::*
	cpe:2.3:a:symantec:client_security:2.0:::::::*
	cpe:2.3:a:symantec:norton_antispam:2004:::::::*
	cpe:2.3:a:symantec:norton_internet_security:2002:::::::*
	cpe:2.3:a:symantec:norton_internet_security:2002::pro:::::
	cpe:2.3:a:symantec:norton_internet_security:2003:::::::*
	cpe:2.3:a:symantec:norton_internet_security:2003::pro:::::
	cpe:2.3:a:symantec:norton_internet_security:2004:::::::*
	cpe:2.3:a:symantec:norton_internet_security:2004::pro:::::
	cpe:2.3:a:symantec:norton_personal_firewall:2002:::::::*
	cpe:2.3:a:symantec:norton_personal_firewall:2003:::::::*
	cpe:2.3:a:symantec:norton_personal_firewall:2004:::::::*

No data.

References

Link	Providers
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html
http://secunia.com/advisories/11066
http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html
http://securitytracker.com/id?1010144
http://securitytracker.com/id?1010145
http://securitytracker.com/id?1010146
http://www.ciac.org/ciac/bulletins/o-141.shtml
http://www.kb.cert.org/vuls/id/682110
http://www.osvdb.org/6100
http://www.securityfocus.com/bid/10336
https://exchange.xforce.ibmcloud.com/vulnerabilities/16132

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-05-20T04:00:00

Updated: 2024-08-08T00:17:14.975Z

Reserved: 2004-05-04T00:00:00

Link: CVE-2004-0445

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2004-07-07T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2004-0445

Redhat

No data.

Metrics

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object