QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2004-0444

Back to search

CVE-2004-0444

Published: May 20, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.

VendorProductVersions

n/a

n/a

affected
n/a

References

6099
vdb-entry
x_refsource_OSVDB
VU#634414
third-party-advisory
x_refsource_CERT-VN
1010146
vdb-entry
x_refsource_SECTRACK
1010145
vdb-entry
x_refsource_SECTRACK
VU#637318
third-party-advisory
x_refsource_CERT-VN
10335
vdb-entry
x_refsource_BID
O-141
third-party-advisory
government-resource
x_refsource_CIAC
VU#294998
third-party-advisory
x_refsource_CERT-VN
10333
vdb-entry
x_refsource_BID
symantec-nbns-response-bo(16134)
vdb-entry
x_refsource_XF
6101
vdb-entry
x_refsource_OSVDB
6102
vdb-entry
x_refsource_OSVDB
symantec-dns-response-bo(16137)
vdb-entry
x_refsource_XF
1010144
vdb-entry
x_refsource_SECTRACK
10334
vdb-entry
x_refsource_BID
11066
third-party-advisory
x_refsource_SECUNIA
symantec-firewalls-nbns-bo(16135)
vdb-entry
x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now