6099 : Symantec Multiple Firewall NBNS Response Processing Overflow
Printer | http://osvdb.org/6099 | Email This | Edit Vulnerability

Views This Week	Views All Time	Added to OSVDB	Last Modified	Modified (since 2008)	Percent Complete
3	258	over 5 years ago	2 minutes ago	4 times	100%

Timeline

Discovery Date	Vendor Informed Date	Disclosure Date	Vendor Solution Date
2004-04-19	2004-04-19	2004-05-12	2004-05-12

Time to Patch
23 days

Keywords

SYM04-008

Description

A remote overflow exists in Symantec Norton Personal Firewall. The product fails to check bounds in the main NBNS processing routine and can be overflowed via overwritten index variable. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Rumored
Disclosure: OSVDB Verified
OSVDB: Security Software

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Symantec has released a patch to address this vulnerability. Customers can obtain the update via the LiveUpdate utility:

1. Open any installed Symantec product
2. Click on LiveUpdate in the toolbar
3. Run LiveUpdate until Symantec LiveUpdate indicated that all installed Symantec products are up-to-date

Products

Symantec Corporation	Norton Internet Security	2002
		2003
		2004
	Norton Personal Firewall	2002
		2003
		2004
	Client Firewall	5.0.1
	Client Firewall	5.1.1
	Client Security	1.0
		1.1
		2.0(SCF 7.1)
	Norton AntiSpam	2004
	Norton Internet Security Professional	2002
		2003
		2004

References

CVE ID: 2004-0444 (see also: NVD) 2004-0445 (see also: NVD)
Related OSVDB ID: 6100 6101 6102
Keyword: AD20040512A SYM04-008
Other Advisory URL: http://research.eeye.com/html/advisories/published/AD20040512A.html
http://www.eeye.com/html/Research/Advisories/AD20040512A.html [ Link is 404 ]
Vendor Specific Advisory URL: http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html

Tools & Filters

Snort	14777 15972 16015 2563 2564

Credit

Derek Soeder - eEye Digital Security

CVSSv2 Score

CVSSv2 Base Score = 10.0
Source: nvd.nist.gov | Generated: 2003-12-31 | Disagree? | There are 1 more: View All

Blogs

This product uses the Daylife API but is not endorsed or certified by Daylife.

This section lists the latest news and blogs found via the daylife API (and for older items, the technorati API), which mention or otherwise discuss this vulnerability.

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Timeline

Keywords

Description

Classification

Solution

Products

Symantec Corporation

Norton Internet Security

Norton Personal Firewall

Client Firewall

Client Security

Norton AntiSpam

Norton Internet Security Professional