Computer Security
[EN] securityvulns.ru no-pyccku


CA CA Host-Based Intrusion Prevention System SDK multiple security vulnerabilities
Published:15.08.2008
Source:
SecurityVulns ID:9225
Type:library
Threat Level:
6/10
Description:Invalid IOCTL processing.
Affected:CA : CA Personal Firewall 2007
 CA : CA Internet Security Suite 2007
 CA : CA Internet Security Suite 2008
 CA : CA Personal Firewall 2008
CVE:CVE-2008-3174 (Unspecified vulnerability in the kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, allows remote attackers to cause a denial of service via unknown vectors, related to "insufficient validation.")
 CVE-2008-2926 (The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.)
Original documentdocumenttk_(at)_trapkit.de, [TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption (15.08.2008)
 documentCA, CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities (15.08.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod