Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2004-0445
HistoryJul 07, 2004 - 4:00 a.m.

CVE-2004-0445

2004-07-0704:00:00
mitre
web.nvd.nist.gov
33
symdns.sys
symantec
norton
internet security
professional
norton personal firewall
norton antispam
client firewall
client security
denial of service
cpu consumption
dns response vulnerability
remote attack

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.92

Percentile

98.9%

JSON

The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.

Affected configurations

Nvd
Node
symantecclient_firewallMatch5.01
OR
symantecclient_firewallMatch5.1.1
OR
symantecclient_securityMatch1.0
OR
symantecclient_securityMatch1.1
OR
symantecclient_securityMatch1.2
OR
symantecclient_securityMatch1.3
OR
symantecclient_securityMatch1.4
OR
symantecclient_securityMatch1.5
OR
symantecclient_securityMatch1.6
OR
symantecclient_securityMatch1.7
OR
symantecclient_securityMatch1.8
OR
symantecclient_securityMatch1.9
OR
symantecclient_securityMatch2.0
OR
symantecnorton_antispamMatch2004
OR
symantecnorton_internet_securityMatch2002
OR
symantecnorton_internet_securityMatch2002pro
OR
symantecnorton_internet_securityMatch2003
OR
symantecnorton_internet_securityMatch2003pro
OR
symantecnorton_internet_securityMatch2004
OR
symantecnorton_internet_securityMatch2004pro
OR
symantecnorton_personal_firewallMatch2002
OR
symantecnorton_personal_firewallMatch2003
OR
symantecnorton_personal_firewallMatch2004
VendorProductVersionCPE
symantecclient_firewall5.01cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
symantecclient_firewall5.1.1cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*
symantecclient_security1.0cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
symantecclient_security1.1cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
symantecclient_security1.2cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*
symantecclient_security1.3cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*
symantecclient_security1.4cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*
symantecclient_security1.5cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*
symantecclient_security1.6cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*
symantecclient_security1.7cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*
Rows per page:
1-10 of 231

Related

cert 1
cvelist 1
exploitdb 1
nvd 1
cert
cert
Multiple Symantec firewall products fail to properly process DNS response packets
2004-05-13 00:00:00
cvelist
cvelist
CVE-2004-0445
2004-05-20 04:00:00
exploitdb
exploitdb
Symantec Multiple Firewall - DNS Response Denial of Service
2004-05-16 00:00:00
nvd
nvd
CVE-2004-0445
2004-07-07 04:00:00

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.92

Percentile

98.9%

JSON
Related for CVE-2004-0445
cert1cvelist1exploitdb1nvd1