Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2004-0444
HistoryJul 07, 2004 - 4:00 a.m.

CVE-2004-0444

2004-07-0704:00:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
29
cve
symdns.sys
symantec
norton internet security
norton personal firewall
norton antispam
client firewall
client security
remote attack
denial of service
arbitrary code execution
buffer overflow
dns component

8.5 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.924 High

EPSS

Percentile

99.0%

JSON

Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.

References

Related

checkpoint_advisories 2
cert 3
securityvulns 1
checkpoint_advisories
checkpoint_advisories
Norton Internet Security NBNS Response Processing Stack Overflow - Ver2 (CVE-2004-0444)
2015-05-18 00:00:00
Symantec Norton Firewall NBNS response Remote Heap Corruption (CVE-2004-0444)
2010-01-17 00:00:00
cert
cert
Multiple Symantec firewall products contain a heap corruption vulnerability in the handling of NBNS response packets
2004-05-13 00:00:00
Multiple Symantec firewall products fail to properly process NBNS response packets
2004-05-13 00:00:00
Multiple Symantec firewall products contain a buffer overflow in the processing of DNS resource records
2004-05-13 00:00:00
securityvulns
securityvulns
SYM04-008, Symantec Client Firewall Remote Access and Denial of Service Issues
2004-05-15 00:00:00

8.5 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.924 High

EPSS

Percentile

99.0%

JSON
Related for CVE-2004-0444
checkpoint_advisories2cert3securityvulns1