CVE-2004-0445

Symantec Norton Internet Security <2004 - DoS

Title source: llm

Description

The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.

Exploits (1)

exploitdb WORKING POC VERIFIED

by houseofdabus · cdoswindows

https://www.exploit-db.com/exploits/299

View Code ZIP pw:eip

References (11)

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1010146

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1010145

[Third Party Advisory, US Government Resource] http://www.ciac.org/ciac/bulletins/o-141.shtml

[Patch, Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/682110

[Third Party Advisory, VDB Entry] http://www.osvdb.org/6100

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/16132

[Patch, Vendor Advisory] http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1010144

[Third Party Advisory] http://secunia.com/advisories/11066

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/10336

Scores

EPSS 0.3432

EPSS Percentile 97.0%

Details

Status published

Products (20)

symantec/client_firewall 5.01

symantec/client_firewall 5.1.1

symantec/client_security 1.0

symantec/client_security 1.1

symantec/client_security 1.2

symantec/client_security 1.3

symantec/client_security 1.4

symantec/client_security 1.5

symantec/client_security 1.6

symantec/client_security 1.7

... and 10 more

Published Jul 07, 2004

Tracked Since Feb 18, 2026