Vulnerability Description
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Client Firewall | 5.01 |
| Symantec | Client Security | 1.0 |
| Symantec | Norton Antispam | 2004 |
| Symantec | Norton Internet Security | 2002 |
| Symantec | Norton Personal Firewall | 2002 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html
- http://secunia.com/advisories/11066
- http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.htmlPatchVendor Advisory
- http://securitytracker.com/id?1010144
- http://securitytracker.com/id?1010145
- http://securitytracker.com/id?1010146
- http://www.ciac.org/ciac/bulletins/o-141.shtml
- http://www.kb.cert.org/vuls/id/682110PatchThird Party AdvisoryUS Government Resource
- http://www.osvdb.org/6100
- http://www.securityfocus.com/bid/10336
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16132
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html
- http://secunia.com/advisories/11066
- http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.htmlPatchVendor Advisory
- http://securitytracker.com/id?1010144
FAQ
What is CVE-2004-0445?
CVE-2004-0445 is a vulnerability with a CVSS score of 2.6 (LOW). The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Cli...
How severe is CVE-2004-0445?
CVE-2004-0445 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0445?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Client Firewall, Symantec Client Security, Symantec Norton Antispam, Symantec Norton Internet Security, Symantec Norton Personal Firewall.