CVE-2004-0445
First published: Thu May 20 2004(Updated: )
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Norton Personal Firewall | =2003 | |
| Symantec Norton Internet Security | =2002 | |
| Symantec Client Security | =1.6 | |
| Symantec Client Firewall | =5.01 | |
| Symantec Norton Internet Security | =2004 | |
| Symantec Norton Personal Firewall | =2002 | |
| Symantec Norton Internet Security | =2003 | |
| Symantec Client Security | =1.2 | |
| Symantec Norton Internet Security | =2002 | |
| Symantec Client Security | =1.7 | |
| Symantec Norton Personal Firewall | =2004 | |
| Symantec Client Security | =1.1 | |
| Symantec Client Security | =1.8 | |
| Symantec Norton Internet Security | =2003 | |
| Symantec Client Security | =1.9 | |
| Symantec Client Security | =1.4 | |
| Symantec Client Firewall | =5.1.1 | |
| Symantec Client Security | =2.0 | |
| Symantec Norton antispam | =2004 | |
| Symantec Client Security | =1.5 | |
| Symantec Client Security | =1.3 | |
| Symantec Norton Internet Security | =2004 | |
| Symantec Client Security | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html
- http://www.kb.cert.org/vuls/id/682110
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html
- http://secunia.com/advisories/11066
- http://www.securityfocus.com/bid/10336
- http://www.ciac.org/ciac/bulletins/o-141.shtml
- http://www.osvdb.org/6100
- http://securitytracker.com/id?1010144
- http://securitytracker.com/id?1010145
- http://securitytracker.com/id?1010146
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16132
Frequently Asked Questions
What is the severity of CVE-2004-0445?
CVE-2004-0445 has been classified as a high severity vulnerability due to its potential to cause denial of service.
How do I fix CVE-2004-0445?
To mitigate CVE-2004-0445, users should update their Symantec products to the latest versions that contain the necessary security patches.
Which products are affected by CVE-2004-0445?
CVE-2004-0445 affects various versions of Symantec Norton Internet Security, Norton Personal Firewall, Norton AntiSpam, Client Firewall, and Client Security.
What type of attack does CVE-2004-0445 enable?
CVE-2004-0445 enables remote attackers to execute a denial of service attack by consuming excessive CPU resources.
Can CVE-2004-0445 be exploited remotely?
Yes, CVE-2004-0445 can be exploited remotely, allowing attackers to disrupt service on affected systems without local access.
- agent/type
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/symantec
- canonical/symantec norton personal firewall
- version/symantec norton personal firewall/2003
- canonical/symantec norton internet security
- version/symantec norton internet security/2002
- canonical/symantec client security
- version/symantec client security/1.6
- canonical/symantec client firewall
- version/symantec client firewall/5.01
- version/symantec norton internet security/2004
- version/symantec norton personal firewall/2002
- version/symantec norton internet security/2003
- version/symantec client security/1.2
- version/symantec client security/1.7
- version/symantec norton personal firewall/2004
- version/symantec client security/1.1
- version/symantec client security/1.8
- version/symantec client security/1.9
- version/symantec client security/1.4
- version/symantec client firewall/5.1.1
- version/symantec client security/2.0
- canonical/symantec norton antispam
- version/symantec norton antispam/2004
- version/symantec client security/1.5
- version/symantec client security/1.3
- version/symantec client security/1.0