Vulnerabilities > CVE-2004-0445 - Remote DNS Response Denial Of Service vulnerability in Symantec Client Firewall

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

high complexity

symantec

exploit available

NVD

Published: 2004-07-07

Updated: 2017-07-11

Summary

The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.

Vulnerable Configurations

Part	Description	Count
Application	Symantec Symantec Client Firewall 5.01 Symantec Client Firewall 5.1.1 Symantec Client Security 1.0 Symantec Client Security 1.1 Symantec Client Security 1.2 Symantec Client Security 1.3 Symantec Client Security 1.4 Symantec Client Security 1.5 Symantec Client Security 1.6 Symantec Client Security 1.7 Symantec Client Security 1.8 Symantec Client Security 1.9 Symantec Client Security 2.0 Symantec Norton Antispam 2004 Symantec Norton Internet Security 2002 Symantec Norton Internet Security 2003 Symantec Norton Internet Security 2004 Symantec Norton Personal Firewall 2002 Symantec Norton Personal Firewall 2003 Symantec Norton Personal Firewall 2004	23

Exploit-Db

description	Symantec Multiple Firewall DNS Response Denial of Service. CVE-2004-0445. Dos exploit for windows platform
id	EDB-ID:299
last seen	2016-01-31
modified	2004-05-16
published	2004-05-16
reporter	houseofdabus
source	https://www.exploit-db.com/download/299/
title	Symantec Multiple Firewall DNS Response Denial of Service

Summary

Vulnerable Configurations

Exploit-Db

References