CVE-2004-0445

Symantec Norton Internet Security <2004 - DoS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0445. PoCs published by houseofdabus.

AI-analyzed exploit summary This exploit targets a denial-of-service vulnerability in Symantec firewalls by sending a malformed DNS response packet. The PoC constructs a crafted UDP packet with a malicious DNS response to trigger an infinite loop in the kernel, causing a system freeze.

Description

The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.

Exploits (1)

exploitdb WORKING POC VERIFIED

by houseofdabus · cdoswindows

https://www.exploit-db.com/exploits/299

View Code ZIP pw:eip

This exploit targets a denial-of-service vulnerability in Symantec firewalls by sending a malformed DNS response packet. The PoC constructs a crafted UDP packet with a malicious DNS response to trigger an infinite loop in the kernel, causing a system freeze.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Symantec Norton Personal Firewall 2004 and related products

No auth needed

Prerequisites: Network access to the target system · Ability to send UDP packets to port 53

MITRE ATT&CK