CVE-2004-0444

Symantec Norton Internet Security <2004 - RCE/DoS

Title source: llm

Description

Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.

References (21)

Core 21

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/6099

Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/634414

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/637318

Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/294998

Mailing List mailing-list x_refsource_fulldisc

http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html

Mailing List mailing-list x_refsource_fulldisc

http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html

Mailing List mailing-list x_refsource_fulldisc

http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1010146

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1010145

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/10335

Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac

http://www.ciac.org/ciac/bulletins/o-141.shtml

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/10333

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/16134

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/6101

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/6102

Various Sources x_refsource_confirm

http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/16137

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1010144

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/10334

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/11066

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/16135

Scores

EPSS 0.6285

EPSS Percentile 98.4%

Details

Status published

Products (20)

symantec/client_firewall 5.01

symantec/client_firewall 5.1.1

symantec/client_security 1.0

symantec/client_security 1.1

symantec/client_security 1.2

symantec/client_security 1.3

symantec/client_security 1.4

symantec/client_security 1.5

symantec/client_security 1.6

symantec/client_security 1.7

... and 10 more

Published Jul 07, 2004

Tracked Since Feb 18, 2026