Back to search
CVE-2008-2926
Published: Aug 12, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2008-2339
vdb-entry
x_refsource_VUPEN
1020660
vdb-entry
x_refsource_SECTRACK
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559
x_refsource_CONFIRM
20080812 CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
31434
third-party-advisory
x_refsource_SECUNIA
1020658
vdb-entry
x_refsource_SECTRACK
30651
vdb-entry
x_refsource_BID
ca-kmxfw-privilege-escalation(44392)
vdb-entry
x_refsource_XF
1020659
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now