CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
5.1 | $0-$5k | 0.00 |
A vulnerability was found in Symantec Firewall (Firewall Software) (the affected version is unknown). It has been rated as critical. Affected by this issue is an unknown code of the component NBNS Response Handler. The manipulation with an unknown input leads to a heap-based overflow vulnerability. Using CWE to declare the problem leads to CWE-122. A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). Impacted is confidentiality, integrity, and availability.
The bug was discovered 04/19/2004. The weakness was released 05/12/2004 by Karl Lynn (Website). The advisory is shared for download at securityresponse.symantec.com. There are neither technical details nor an exploit publicly available.
The vulnerability was handled as a non-public zero-day exploit for at least 23 days. During that time the estimated underground price was around $25k-$100k.
Addressing this vulnerability is possible by firewalling . A possible mitigation has been published immediately after the disclosure of the vulnerability. Attack attempts may be identified with Snort ID 14777.
Entry connected to this vulnerability is available at 82017.
Product
Type
Vendor
Name
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 5.1
VulDB Base Score: 5.3
VulDB Temp Score: 5.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Heap-based overflowCWE: CWE-122 / CWE-119
ATT&CK: Unknown
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: FirewallStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Snort ID: 14777
Timeline
04/19/2004 🔍05/12/2004 🔍
05/12/2004 🔍
05/12/2004 🔍
04/11/2016 🔍
10/02/2018 🔍
Sources
Vendor: symantec.comAdvisory: securityresponse.symantec.com
Researcher: Karl Lynn
Status: Not defined
OSVDB: 6101 - Symantec Multiple Firewall NBNS Response Remote Heap Corruption
See also: 🔍
Entry
Created: 04/11/2016 18:05Updated: 10/02/2018 08:57
Changes: 04/11/2016 18:05 (43), 10/02/2018 08:57 (3)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.