DNS: Symantec DNS Response DOS
This signature detects attempts to exploit a known vulnerability within multiple Symantec client security products. A successful attack can result in a denial-of-service condition. An attacker can craft a DNS packet that can cause the Symantec security products to enter an infinite loop, allowing an attacker to disable all access to the host running the vulnerable product. The victim will need to reboot the server for the system to be usable again.
Extended Description
Various Symantec Client Firewall products are prone to a remote denial-of-service vulnerability because the applications fail to properly handle DNS response packets.
Affected Products
Symantec client_security
Short Name
DNS:SYMANTEC-DNS-RESPONSE-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DNS
Keywords
CVE-2004-0445 DNS DOS Response Symantec bid:10336
Release Date
07/08/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Symantec
CVSS Score
2.6