This application requires Javascript for optimal performance.

Symantec.Client.Firewall.DNS.Response.Buffer.Overflow

Release Date Oct 19, 2006
Severity critical
Impact System compromise: remote code execution.
Description This indicates a possible attempt to exploit a buffer overflow vulnerability in various Symantec Firewall Products. The vulnerability is a result of insufficient bounds checking of DNS response data. It may be exploited to gain SYSTEM/kernel level access to a computer hosting the vulnerable software. The source of the vulnerability is that the CNAME (Canonical Name) data field specified in incoming DNS Resource Records is copied into an internal buffer in an insecure manner, resulting in a stack-based buffer overflow.
Affected Products Symantec Norton Personal Firewall 2004 Symantec Norton Personal Firewall 2003 Symantec Norton Personal Firewall 2002 Symantec Norton Internet Security 2004 Professional Edition Symantec Norton Internet Security 2004 Symantec Norton Internet Security 2003 Professional Edition Symantec Norton Internet Security 2003 Symantec Norton Internet Security 2002 Professional Edition 0 Symantec Norton Internet Security 2002 0 Symantec Norton AntiSpam 2004 Symantec Client Security 2.0 (SCF 7.1) Symantec Client Security 1.1 Symantec Client Security 1.0 Symantec Client Firewall 5.1.1 Symantec Client Firewall 5.0 1
Recommended Actions Symantec recommends that clients running corporate versions of the affected products apply patches obtained through their appropriate support channels.
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2004-0444
Reference/s http://www.securityfocus.com/bid/10334 (BugTraq)

Reference: VID-13468

Current Threat Level

Vulnerabilities

Virus/Spyware

Spam

PGP Keys

Contact Form

Copyright © 2011 Fortinet Inc. All Rights Reserved