PT-2004-1574 · Symantec · Norton Internet Security

Published 2004-05-20 · Updated 2017-07-11 · CVE-2004-0444

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Symantec Norton Internet Security versions 2002 through 2004
Symantec Norton Professional versions 2002 through 2004
Symantec Norton Personal Firewall versions 2002 through 2004
Symantec Norton AntiSpam version 2004
Client Firewall versions 5.01 and 5.1.1
Client Security versions 1.0 through 2.0

Description

The issue allows remote attackers to cause a denial of service or execute arbitrary code via multiple vulnerabilities in the SYMDNS.SYS component. This can be achieved through a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow. Additionally, a heap-based corruption problem in an NBNS response that is missing certain RR fields can be exploited. A stack-based buffer overflow in the DNS component can also occur via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.

Recommendations

For Symantec Norton Internet Security versions 2002 through 2004, update to a version that includes a fix for the SYMDNS.SYS vulnerabilities.
For Symantec Norton Professional versions 2002 through 2004, update to a version that includes a fix for the SYMDNS.SYS vulnerabilities.
For Symantec Norton Personal Firewall versions 2002 through 2004, update to a version that includes a fix for the SYMDNS.SYS vulnerabilities.
For Symantec Norton AntiSpam version 2004, update to a version that includes a fix for the SYMDNS.SYS vulnerabilities.
For Client Firewall versions 5.01 and 5.1.1, update to a version that includes a fix for the SYMDNS.SYS vulnerabilities.
For Client Security versions 1.0 through 2.0, update to a version that includes a fix for the SYMDNS.SYS vulnerabilities.
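
The name-decoding bug class in the description (a name built from many small components overrunning a fixed buffer) is avoided by bounding the cumulative decoded length, not only each label. The following is an added example, not Symantec's code and not part of the original advisory; `dns_decode_name` and `build_name` are hypothetical names, the limits are those of RFC 1035, and compression pointers are rejected rather than followed to keep the sketch short.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define DNS_MAX_LABEL 63   /* RFC 1035 limit for one label */
#define DNS_MAX_NAME  255  /* RFC 1035 limit for a whole name on the wire */

/* Decode the uncompressed name at msg[off]; returns bytes consumed, -1 if malformed. */
int dns_decode_name(const uint8_t *msg, size_t msg_len, size_t off,
                    char *out, size_t out_cap)
{
    size_t pos = off, w = 0;
    if (out_cap == 0) return -1;
    for (;;) {
        if (pos >= msg_len) return -1;        /* length byte inside packet */
        uint8_t len = msg[pos++];
        if (len == 0) break;                  /* root label ends the name */
        if (len > DNS_MAX_LABEL) return -1;   /* also rejects 0xC0 pointers */
        if (len > msg_len - pos) return -1;   /* label data inside packet */
        if (pos + len - off + 1 > DNS_MAX_NAME) return -1; /* total wire size */
        size_t need = len + (w ? 1 : 0);      /* label plus separating dot */
        if (need >= out_cap - w) return -1;   /* cumulative bound, room for NUL */
        if (w) out[w++] = '.';
        memcpy(out + w, msg + pos, len);
        w += len; pos += len;
    }
    out[w] = '\0';
    return (int)(pos - off);
}

/* Constructed sample input: n labels of k 'a' bytes (fewer if buf fills), then root. */
size_t build_name(uint8_t *buf, size_t cap, int n, uint8_t k)
{
    size_t p = 0;
    for (int i = 0; i < n && p + 1 + k < cap; i++) {
        buf[p++] = k;
        memset(buf + p, 'a', k);
        p += k;
    }
    buf[p++] = 0;
    return p;
}

int main(void)
{
    uint8_t pkt[512]; char small[64], big[256];
    size_t n = build_name(pkt, sizeof pkt, 40, 3);   /* 40 short labels, 161 bytes */
    printf("small=%d big=%d\n", dns_decode_name(pkt, n, 0, small, sizeof small),
           dns_decode_name(pkt, n, 0, big, sizeof big));
    return 0;
}
```

Every label in the constructed name passes the per-label check, so only the cumulative output bound stops the 64-byte destination from being overrun.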

Fix


Related Identifiers

CVE-2004-0444

Affected Products

Client Firewall
Client Security
Norton Antispam
Norton Internet Security
Norton Personal Firewall
Norton Professional