[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] [TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] [TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption
From: Tobias Klein <tk@xxxxxxxxxx>
Date: Tue, 12 Aug 2008 21:44:41 +0200

The kernel driver KmxFw.sys shipped with various CA products contains a
vulnerability in the code that handles IOCTL requests. Exploitation of
this vulnerability can result in:

1) local denial of service attacks (system crash due to a kernel panic),
    or

2) local execution of arbitrary code at the kernel level (complete
    system compromise)

A full technical description can be found in the advisory available at:
http://www.trapkit.de/advisories/TKADV2008-006.txt

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] rPSA-2008-0253-1 git gitweb
Next by Date: Re: [Full-disclosure] Internet attacks against Georgian web sites
Previous by thread: [Full-disclosure] rPSA-2008-0253-1 git gitweb
Next by thread: [Full-disclosure] Step-by-step instructions for debugging Cisco IOS using gdb
Index(es):
- Date
- Thread