TITLE:
CA Products kmxfw.sys Privilege Escalation and Denial of Service

SECUNIA ADVISORY ID:
SA31434

VERIFY ADVISORY:
http://secunia.com/advisories/31434/

CRITICAL:
Moderately critical

IMPACT:
Privilege escalation, DoS

WHERE:
From remote

SOFTWARE:
CA Personal Firewall 2007
http://secunia.com/product/12660/
CA Internet Security Suite Plus 2008
http://secunia.com/product/18834/
CA Internet Security Suite 2007
http://secunia.com/product/14434/
CA Host-Based Intrusion Prevention System (CA HIPS) 8.x
http://secunia.com/product/16198/
CA Personal Firewall 2008
http://secunia.com/product/19549/

DESCRIPTION:
Some vulnerabilities have been reported in multiple CA products,
which can be exploited by malicious, local users to cause a DoS
(Denial of Service) or to potentially gain escalated privileges, and
by malicious people to cause a DoS.

1) An error exists within the processing of IOCTL requests in the
kmxfw.sys kernel driver. This can be exploited to cause a system
crash or to potentially execute arbitrary code with SYSTEM
privileges.

2) An unspecified error in the kmxfw.sys driver can be exploited to
cause a DoS.

The vulnerabilities are reported in the following products:
* CA Host-Based Intrusion Prevention System r8
* CA Internet Security Suite 2007
* CA Internet Security Suite 2008
* CA Personal Firewall 2007
* CA Personal Firewall 2008

SOLUTION:
CA Host-Based Intrusion Prevention System r8:
Apply vendor patch.
https://support.ca.com/irj/portal/anonymous/SolutionResults?aparNo=RO00535&actionID=4

CA Internet Security Suite r3, r4, and CA Personal Firewall 2007,
2008:
Update the CA Personal Firewall Engine to version 1.2.276 or later
via the built-in update mechanism.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Tobias Klein
2) Elazar Broad

ORIGINAL ADVISORY:
CA:
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

----------------------------------------------------------------------