Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2004-0444
HistoryJul 07, 2004 - 4:00 a.m.

CVE-2004-0444

2004-07-0704:00:00
mitre
web.nvd.nist.gov
42
cve
symdns.sys
symantec
norton internet security
norton personal firewall
norton antispam
client firewall
client security
remote attack
denial of service
arbitrary code execution
buffer overflow
dns component

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.4

Confidence

High

EPSS

0.926

Percentile

99.0%

JSON

Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.

Affected configurations

Nvd
Node
symantecclient_firewallMatch5.01
OR
symantecclient_firewallMatch5.1.1
OR
symantecclient_securityMatch1.0
OR
symantecclient_securityMatch1.1
OR
symantecclient_securityMatch1.2
OR
symantecclient_securityMatch1.3
OR
symantecclient_securityMatch1.4
OR
symantecclient_securityMatch1.5
OR
symantecclient_securityMatch1.6
OR
symantecclient_securityMatch1.7
OR
symantecclient_securityMatch1.8
OR
symantecclient_securityMatch1.9
OR
symantecclient_securityMatch2.0
OR
symantecnorton_antispamMatch2004
OR
symantecnorton_internet_securityMatch2002
OR
symantecnorton_internet_securityMatch2002pro
OR
symantecnorton_internet_securityMatch2003
OR
symantecnorton_internet_securityMatch2003pro
OR
symantecnorton_internet_securityMatch2004
OR
symantecnorton_internet_securityMatch2004pro
OR
symantecnorton_personal_firewallMatch2002
OR
symantecnorton_personal_firewallMatch2003
OR
symantecnorton_personal_firewallMatch2004
VendorProductVersionCPE
symantecclient_firewall5.01cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
symantecclient_firewall5.1.1cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*
symantecclient_security1.0cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
symantecclient_security1.1cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
symantecclient_security1.2cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*
symantecclient_security1.3cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*
symantecclient_security1.4cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*
symantecclient_security1.5cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*
symantecclient_security1.6cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*
symantecclient_security1.7cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*
Rows per page:
1-10 of 231

References

Related

checkpoint_advisories 2
cert 3
cvelist 1
nvd 1
securityvulns 1
checkpoint_advisories
checkpoint_advisories
Symantec Norton Firewall NBNS response Remote Heap Corruption (CVE-2004-0444)
2010-01-17 00:00:00
Norton Internet Security NBNS Response Processing Stack Overflow - Ver2 (CVE-2004-0444)
2015-05-18 00:00:00
cert
cert
Multiple Symantec firewall products contain a heap corruption vulnerability in the handling of NBNS response packets
2004-05-13 00:00:00
Multiple Symantec firewall products contain a buffer overflow in the processing of DNS resource records
2004-05-13 00:00:00
Multiple Symantec firewall products fail to properly process NBNS response packets
2004-05-13 00:00:00
cvelist
cvelist
CVE-2004-0444
2004-05-20 04:00:00
nvd
nvd
CVE-2004-0444
2004-07-07 04:00:00
securityvulns
securityvulns
SYM04-008, Symantec Client Firewall Remote Access and Denial of Service Issues
2004-05-15 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.4

Confidence

High

EPSS

0.926

Percentile

99.0%

JSON
Related for CVE-2004-0444
checkpoint_advisories2cert3cvelist1nvd1securityvulns1