|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-05-28 | |
| Rule Name: | Symantec DNS Response DoS Vulnerability (CVE-2004-0445) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself. | |
| Impact: | An attacker can launch a denial of service attack by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | SecurityFocusBID:10336 http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html http://securitytracker.com/id?1010144 |
|
| Solutions |
|---|
| A fix for this vulnerability is reportedly available through the Symantec LiveUpdate service. Customers are advised to run LiveUpdate to address this issue. |