CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
98.9%
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
Vendor | Product | Version | CPE |
---|---|---|---|
symantec | client_firewall | 5.01 | cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:* |
symantec | client_firewall | 5.1.1 | cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:* |
symantec | client_security | 1.0 | cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:* |
symantec | client_security | 1.1 | cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:* |
symantec | client_security | 1.2 | cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:* |
symantec | client_security | 1.3 | cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:* |
symantec | client_security | 1.4 | cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:* |
symantec | client_security | 1.5 | cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:* |
symantec | client_security | 1.6 | cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:* |
symantec | client_security | 1.7 | cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:* |
lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html
secunia.com/advisories/11066
securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html
securitytracker.com/id?1010144
securitytracker.com/id?1010145
securitytracker.com/id?1010146
www.ciac.org/ciac/bulletins/o-141.shtml
www.kb.cert.org/vuls/id/682110
www.osvdb.org/6100
www.securityfocus.com/bid/10336
exchange.xforce.ibmcloud.com/vulnerabilities/16132