FKIE_CVE-2004-0445

Vulnerability from fkie_nvd - Published: 2004-07-07 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
References
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html
cve@mitre.orghttp://secunia.com/advisories/11066
cve@mitre.orghttp://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.htmlPatch, Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1010144
cve@mitre.orghttp://securitytracker.com/id?1010145
cve@mitre.orghttp://securitytracker.com/id?1010146
cve@mitre.orghttp://www.ciac.org/ciac/bulletins/o-141.shtml
cve@mitre.orghttp://www.kb.cert.org/vuls/id/682110Patch, Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.osvdb.org/6100
cve@mitre.orghttp://www.securityfocus.com/bid/10336
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/16132
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/11066
af854a3a-2127-422b-91ae-364da2661108http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1010144
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1010145
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1010146
af854a3a-2127-422b-91ae-364da2661108http://www.ciac.org/ciac/bulletins/o-141.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/682110Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/6100
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/10336
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/16132
Impacted products
Vendor Product Version
symantec client_firewall 5.01
symantec client_firewall 5.1.1
symantec client_security 1.0
symantec client_security 1.1
symantec client_security 1.2
symantec client_security 1.3
symantec client_security 1.4
symantec client_security 1.5
symantec client_security 1.6
symantec client_security 1.7
symantec client_security 1.8
symantec client_security 1.9
symantec client_security 2.0
symantec norton_antispam 2004
symantec norton_internet_security 2002
symantec norton_internet_security 2002
symantec norton_internet_security 2003
symantec norton_internet_security 2003
symantec norton_internet_security 2004
symantec norton_internet_security 2004
symantec norton_personal_firewall 2002
symantec norton_personal_firewall 2003
symantec norton_personal_firewall 2004
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AEFBAEB-18D4-4082-9F19-C47113841C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EA9657C-14D2-418A-AABD-96392E87F4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1DFD4CB-40A1-4D70-97AC-0941826F28CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7483F6DD-EDC0-497E-A5A9-B186E02CCCEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "102D0C6A-31B8-4275-A805-4CA446D1C77F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA18147D-E618-4902-8837-5824240DD50E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "75D357CC-EAD0-42E3-B38C-BE2DC44D154E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "201403B4-3B5C-4F77-ADAE-7A553D4D58F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D19926-AB65-4C06-8C44-7EA9B070FD1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F27E94F-F6D6-4C40-878F-BF952658A909",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA71038-2D4E-4366-A3D1-AD85251B3E5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC689F12-84C6-4B52-970F-DAF6B00B4A42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA28BC22-ABF0-4F1E-BA83-85B398775450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2002:*:*:*:*:*:*:*",
              "matchCriteriaId": "F05FEBA2-33E8-4074-8B57-4FE6FFEF2F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2002:*:pro:*:*:*:*:*",
              "matchCriteriaId": "A5FA0458-AB41-495E-B41F-C18B4E6876CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEF97C5F-3A80-4973-85FD-5BCE43B32AD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*",
              "matchCriteriaId": "1F0BF645-7C56-4ED6-91C0-AE4CFAB62EE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*",
              "matchCriteriaId": "D7875372-44D7-47AB-8F8C-4A3AB98FB3B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2002:*:*:*:*:*:*:*",
              "matchCriteriaId": "898D5369-E2F3-450C-8554-1C692EAA9906",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "74E5CAF7-C305-4FAF-8DA7-627D83F65185",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*",
              "matchCriteriaId": "36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself."
    },
    {
      "lang": "es",
      "value": "El controlador SYMDNS.SYS de Symantec Norton Internet Security y Professional 2002 a 2004, Norton Personal Firewall 2002 a 2004, Norton AntiSpam 2004, Client Firewall 5.01 y 5.1.1, Client Securiy 1.0 a 2.0 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumici\u00f3n de CPU en un buble infinito) mediante una respuesta DNS con un puntero de nombre comprimido que apunta a s\u00ed mismo."
    }
  ],
  "id": "CVE-2004-0445",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2004-07-07T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/11066"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1010144"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1010145"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1010146"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/682110"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/6100"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/10336"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16132"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/11066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1010144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1010145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1010146"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/682110"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/6100"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/10336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16132"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.