2.6

CVE-2004-0445

The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SymantecClient Firewall Version5.01
SymantecClient Firewall Version5.1.1
SymantecClient Security Version1.0
SymantecClient Security Version1.1
SymantecClient Security Version1.2
SymantecClient Security Version1.3
SymantecClient Security Version1.4
SymantecClient Security Version1.5
SymantecClient Security Version1.6
SymantecClient Security Version1.7
SymantecClient Security Version1.8
SymantecClient Security Version1.9
SymantecClient Security Version2.0
SymantecNorton Antispam Version2004
SymantecNorton Internet Security Version2002 Editionpro
SymantecNorton Internet Security Version2003 Editionpro
SymantecNorton Internet Security Version2004 Editionpro
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 11.05% 0.953
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/11066
http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html
Patch
Vendor Advisory
http://securitytracker.com/id?1010144
http://securitytracker.com/id?1010145
http://securitytracker.com/id?1010146
http://www.ciac.org/ciac/bulletins/o-141.shtml
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html
http://www.kb.cert.org/vuls/id/682110
Patch
Third Party Advisory
US Government Resource
http://www.osvdb.org/6100
http://www.securityfocus.com/bid/10336
https://exchange.xforce.ibmcloud.com/vulnerabilities/16132