Details of VAR-200407-0081

ID

VAR-200407-0081

CVE

CVE-2004-0445

TITLE

Multiple Symantec firewall products contain a buffer overflow in the processing of DNS resource records

Trust: 0.8

sources: CERT/CC: VU#637318

DESCRIPTION

The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself. There is a heap corruption vulnerability in multiple Symantec firewall products in which attempts to process a specially crafted NetBIOS Name Service (NBNS) response packet could allow an unauthenticated, remote attacker to execute arbitrary code with kernel privileges

Trust: 4.86

sources: NVD: CVE-2004-0445 // CERT/CC: VU#637318 // CERT/CC: VU#294998 // CERT/CC: VU#682110 // CERT/CC: VU#634414 // JVNDB: JVNDB-2004-000889 // BID: 10336 // VULHUB: VHN-8875

AFFECTED PRODUCTS

vendor:	symantec	model:	-	scope:	-	version:	-	Trust: 3.2
vendor:	symantec	model:	norton antispam	scope:	eq	version:	2004	Trust: 1.9
vendor:	symantec	model:	client security	scope:	eq	version:	1.2	Trust: 1.6
vendor:	symantec	model:	client security	scope:	eq	version:	1.8	Trust: 1.6
vendor:	symantec	model:	client security	scope:	eq	version:	1.5	Trust: 1.6
vendor:	symantec	model:	norton internet security	scope:	eq	version:	2002	Trust: 1.6
vendor:	symantec	model:	client security	scope:	eq	version:	1.4	Trust: 1.6
vendor:	symantec	model:	client security	scope:	eq	version:	1.3	Trust: 1.6
vendor:	symantec	model:	client security	scope:	eq	version:	1.6	Trust: 1.6
vendor:	symantec	model:	client security	scope:	eq	version:	1.9	Trust: 1.6
vendor:	symantec	model:	client firewall	scope:	eq	version:	5.1.1	Trust: 1.3
vendor:	symantec	model:	client firewall	scope:	eq	version:	5.01	Trust: 1.3
vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	2003	Trust: 1.3
vendor:	symantec	model:	norton internet security	scope:	eq	version:	2003	Trust: 1.3
vendor:	symantec	model:	client security	scope:	eq	version:	1.0	Trust: 1.3
vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	2004	Trust: 1.3
vendor:	symantec	model:	norton internet security	scope:	eq	version:	2004	Trust: 1.3
vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	2002	Trust: 1.3
vendor:	symantec	model:	client security	scope:	eq	version:	1.1	Trust: 1.3
vendor:	symantec	model:	client security	scope:	eq	version:	1.7	Trust: 1.0
vendor:	symantec	model:	client security	scope:	eq	version:	2.0	Trust: 1.0
vendor:	シマンテック	model:	client security	scope:	-	version:	-	Trust: 0.8
vendor:	シマンテック	model:	norton antispam	scope:	-	version:	-	Trust: 0.8
vendor:	シマンテック	model:	norton internet security	scope:	-	version:	-	Trust: 0.8
vendor:	シマンテック	model:	client firewall	scope:	-	version:	-	Trust: 0.8
vendor:	シマンテック	model:	norton personal firewall	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	norton internet security professional edition	scope:	eq	version:	20020	Trust: 0.3
vendor:	symantec	model:	norton internet security professional edition	scope:	eq	version:	2004	Trust: 0.3
vendor:	symantec	model:	norton internet security	scope:	eq	version:	20020	Trust: 0.3
vendor:	symantec	model:	client security (scf	scope:	eq	version:	2.07.1)	Trust: 0.3
vendor:	symantec	model:	norton internet security professional edition	scope:	eq	version:	2003	Trust: 0.3

sources: CERT/CC: VU#637318 // CERT/CC: VU#294998 // CERT/CC: VU#682110 // CERT/CC: VU#634414 // BID: 10336 // JVNDB: JVNDB-2004-000889 // CNNVD: CNNVD-200407-003 // NVD: CVE-2004-0445

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-0445
value:	LOW
Trust: 1.0
CARNEGIE MELLON:	VU#637318
value:	23.91
Trust: 0.8
CARNEGIE MELLON:	VU#294998
value:	15.54
Trust: 0.8
CARNEGIE MELLON:	VU#682110
value:	9.56
Trust: 0.8
CARNEGIE MELLON:	VU#634414
value:	21.09
Trust: 0.8
NVD:	CVE-2004-0445
value:	LOW
Trust: 0.8
CNNVD:	CNNVD-200407-003
value:	LOW
Trust: 0.6
VULHUB:	VHN-8875
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2004-0445
severity:	LOW
baseScore:	2.6
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-8875
severity:	LOW
baseScore:	2.6
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#637318 // CERT/CC: VU#294998 // CERT/CC: VU#682110 // CERT/CC: VU#634414 // VULHUB: VHN-8875 // JVNDB: JVNDB-2004-000889 // CNNVD: CNNVD-200407-003 // NVD: CVE-2004-0445

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2004-000889 // NVD: CVE-2004-0445

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200407-003

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200407-003

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-8875

EXTERNAL IDS

db:	SECUNIA	id:	11066	Trust: 5.7
db:	CERT/CC	id:	VU#682110	Trust: 3.6
db:	NVD	id:	CVE-2004-0445	Trust: 3.6
db:	BID	id:	10336	Trust: 2.8
db:	SECTRACK	id:	1010144	Trust: 2.5
db:	SECTRACK	id:	1010146	Trust: 2.5
db:	SECTRACK	id:	1010145	Trust: 2.5
db:	OSVDB	id:	6100	Trust: 1.7
db:	CERT/CC	id:	VU#637318	Trust: 0.8
db:	CERT/CC	id:	VU#294998	Trust: 0.8
db:	CERT/CC	id:	VU#634414	Trust: 0.8
db:	JVNDB	id:	JVNDB-2004-000889	Trust: 0.8
db:	CNNVD	id:	CNNVD-200407-003	Trust: 0.7
db:	CIAC	id:	O-141	Trust: 0.6
db:	XF	id:	16132	Trust: 0.6
db:	FULLDISC	id:	20040512 EEYE: SYMANTEC MULTIPLE FIREWALL DNS RESPONSE DENIAL-OF-SERVICE	Trust: 0.6
db:	EXPLOIT-DB	id:	299	Trust: 0.1
db:	SEEBUG	id:	SSVID-15311	Trust: 0.1
db:	VULHUB	id:	VHN-8875	Trust: 0.1

sources: CERT/CC: VU#637318 // CERT/CC: VU#294998 // CERT/CC: VU#682110 // CERT/CC: VU#634414 // VULHUB: VHN-8875 // BID: 10336 // JVNDB: JVNDB-2004-000889 // CNNVD: CNNVD-200407-003 // NVD: CVE-2004-0445

REFERENCES

url:	http://securityresponse.symantec.com/avcenter/security/content/2004.05.12.html	Trust: 5.2
url:	http://secunia.com/advisories/11066/	Trust: 3.2
url:	http://www.kb.cert.org/vuls/id/682110	Trust: 2.8
url:	http://www.securityfocus.com/bid/10336	Trust: 2.5
url:	http://www.ciac.org/ciac/bulletins/o-141.shtml	Trust: 2.5
url:	http://lists.grok.org.uk/pipermail/full-disclosure/2004-may/021359.html	Trust: 2.5
url:	http://securitytracker.com/id?1010144	Trust: 2.5
url:	http://securitytracker.com/id?1010145	Trust: 2.5
url:	http://securitytracker.com/id?1010146	Trust: 2.5
url:	http://secunia.com/advisories/11066	Trust: 2.5
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/16132	Trust: 1.9
url:	http://www.osvdb.org/6100	Trust: 1.7
url:	http://www.eeye.com/html/research/advisories/ad20040512b.html	Trust: 1.1
url:	http://www.eeye.com/html/research/advisories/ad20040512d.html	Trust: 0.8
url:	http://www.eeye.com/html/research/advisories/ad20040512c.html	Trust: 0.8
url:	http://securityresponse.symantec.com/avcenter/security/content/2004.05.12.html	Trust: 0.8
url:	http://www.eeye.com/html/research/advisories/ad20040512a.html	Trust: 0.8
url:	http://www.ietf.org/rfc/rfc1001.txt	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2004-0445	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/16132	Trust: 0.6
url:	/archive/1/363228	Trust: 0.3

CREDITS

Discovery of this vulnerability has been credited to Barnaby Jack, Karl Lynn and Derek Soeder.

Trust: 0.9

sources: BID: 10336 // CNNVD: CNNVD-200407-003

SOURCES

db:	CERT/CC	id:	VU#637318
db:	CERT/CC	id:	VU#294998
db:	CERT/CC	id:	VU#682110
db:	CERT/CC	id:	VU#634414
db:	VULHUB	id:	VHN-8875
db:	BID	id:	10336
db:	JVNDB	id:	JVNDB-2004-000889
db:	CNNVD	id:	CNNVD-200407-003
db:	NVD	id:	CVE-2004-0445

LAST UPDATE DATE

2024-08-14T15:04:47.781000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#637318	date:	2004-05-13T00:00:00
db:	CERT/CC	id:	VU#294998	date:	2004-05-13T00:00:00
db:	CERT/CC	id:	VU#682110	date:	2004-05-13T00:00:00
db:	CERT/CC	id:	VU#634414	date:	2004-06-02T00:00:00
db:	VULHUB	id:	VHN-8875	date:	2017-07-11T00:00:00
db:	BID	id:	10336	date:	2006-09-05T22:28:00
db:	JVNDB	id:	JVNDB-2004-000889	date:	2024-06-04T08:51:00
db:	CNNVD	id:	CNNVD-200407-003	date:	2006-08-28T00:00:00
db:	NVD	id:	CVE-2004-0445	date:	2017-07-11T01:30:09.933

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#637318	date:	2004-05-13T00:00:00
db:	CERT/CC	id:	VU#294998	date:	2004-05-13T00:00:00
db:	CERT/CC	id:	VU#682110	date:	2004-05-13T00:00:00
db:	CERT/CC	id:	VU#634414	date:	2004-05-13T00:00:00
db:	VULHUB	id:	VHN-8875	date:	2004-07-07T00:00:00
db:	BID	id:	10336	date:	2004-05-12T00:00:00
db:	JVNDB	id:	JVNDB-2004-000889	date:	2024-06-04T00:00:00
db:	CNNVD	id:	CNNVD-200407-003	date:	2004-07-07T00:00:00
db:	NVD	id:	CVE-2004-0445	date:	2004-07-07T04:00:00