Vulnerability Name:

CVE-2004-0445 (CCN-16132)

Assigned:2004-05-12
Published:2004-05-12
Updated:2017-07-11
Summary:The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: Full-Disclosure Mailing List, Wed May 12 2004 - 18:59:47 CDT
EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service

Source: MITRE
Type: CNA
CVE-2004-0445

Source: FULLDISC
Type: UNKNOWN
20040512 EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service

Source: CCN
Type: SA11066
Symantec Client Firewall Products Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
11066

Source: CCN
Type: Symantec Security Response SYM04-008
Symantec Client Firewall Remote Access and Denial of Service Issues

Source: CONFIRM
Type: Patch, Vendor Advisory
http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html

Source: CCN
Type: SECTRACK ID: 1010144
Symantec Client Firewall SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System

Source: SECTRACK
Type: UNKNOWN
1010144

Source: CCN
Type: SECTRACK ID: 1010145
Symantec Client Security SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System

Source: SECTRACK
Type: UNKNOWN
1010145

Source: CCN
Type: SECTRACK ID: 1010146
Norton AntiSpam SYMDNS.SYS Driver Lets Remote Users Execute Arbitrary Code to Take Full Control of the System

Source: SECTRACK
Type: UNKNOWN
1010146

Source: CIAC
Type: UNKNOWN
O-141

Source: CCN
Type: US-CERT VU#682110
Multiple Symantec firewall products fail to properly process DNS response packets

Source: CERT-VN
Type: Patch, Third Party Advisory, US Government Resource
VU#682110

Source: OSVDB
Type: UNKNOWN
6100

Source: CCN
Type: OSVDB ID: 6100
Symantec Multiple Firewall DNS Response DoS

Source: BID
Type: UNKNOWN
10336

Source: CCN
Type: BID-10336
Symantec Client Firewall Remote DNS Response Denial Of Service Vulnerability

Source: XF
Type: UNKNOWN
symantec-firewall-dns-dos(16132)

Source: XF
Type: UNKNOWN
symantec-firewall-dns-dos(16132)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.3:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.4:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.6:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.7:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.8:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.9:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antispam:2004:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2002:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2002:*:pro:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2002:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:symantec:norton_personal_firewall:2002:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2004::professional:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antispam:2004:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2002:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2003::professional:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0::scf_7.1:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    symantec client firewall 5.01
    symantec client firewall 5.1.1
    symantec client security 1.0
    symantec client security 1.1
    symantec client security 1.2
    symantec client security 1.3
    symantec client security 1.4
    symantec client security 1.5
    symantec client security 1.6
    symantec client security 1.7
    symantec client security 1.8
    symantec client security 1.9
    symantec client security 2.0
    symantec norton antispam 2004
    symantec norton internet security 2002
    symantec norton internet security 2002
    symantec norton internet security 2003
    symantec norton internet security 2003
    symantec norton internet security 2004
    symantec norton internet security 2004
    symantec norton personal firewall 2002
    symantec norton personal firewall 2003
    symantec norton personal firewall 2004
    symantec norton personal firewall 2002
    symantec norton internet security 2003
    symantec norton personal firewall 2003
    symantec norton internet security 2004
    symantec norton internet security 2004
    symantec norton personal firewall 2004
    symantec norton antispam 2004
    symantec norton internet security 2002
    symantec norton internet security 2003
    symantec client security 2.0
    symantec client security 1.0
    symantec client security 1.1
    symantec client firewall 5.01
    symantec client firewall 5.1.1