Full Disclosure mailing list archives
[TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption
From: Tobias Klein <tk () trapkit de>
Date: Tue, 12 Aug 2008 21:44:41 +0200
The kernel driver KmxFw.sys shipped with various CA products contains a vulnerability in the code that handles IOCTL requests. Exploitation of this vulnerability can result in: 1) local denial of service attacks (system crash due to a kernel panic), or 2) local execution of arbitrary code at the kernel level (complete system compromise) A full technical description can be found in the advisory available at: http://www.trapkit.de/advisories/TKADV2008-006.txt _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption Tobias Klein (Aug 12)