Denial of Service Vulnerability in Symantec Norton Products
CVE-2004-0445

Currently unrated

Key Information:

Vendor: Symantec
Status: Norton Personal Firewall; Norton Internet Security; Client Security; Client Firewall
Vendor: CVE Published:; 7 July 2004

Summary

The SYMDNS.SYS driver in various Symantec Norton products is susceptible to a denial of service condition due to a flaw in how it handles DNS responses. A remote attacker can exploit this vulnerability by sending a specially crafted DNS response containing a compressed name pointer that erroneously points to itself. This can lead to excessive CPU consumption as the affected system enters an infinite loop, potentially disrupting services and impacting system performance.

References

http://securitytracker.com/id?1010146

vdb-entryx_refsource_SECTRACK

http://securitytracker.com/id?1010145

vdb-entryx_refsource_SECTRACK

http://www.ciac.org/ciac/bulletins/o-141.shtml

third-party-advisorygovernment-resourcex_refsource_CIAC

EPSS Score

35% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 7, 2004
Vulnerability Reserved
May 4, 2004