lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Nov 2006 18:15:15 +0100 From: Reversemode <advisories@...ersemode.com> To: Securityfocus <bugtraq@...urityfocus.com> Subject: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities. Computer Associates "Host Intrusion Prevention System" Engine Drivers are prone to multiple local privilege escalation vulnerabilities. Unprivileged users can take advantage of these flaws in order to execute arbitrary code with kernel privileges. Two drivers are affected, kmxstart.sys and kmxfw.sys. These drivers hook TDI and NDIS. Using a couple of privileged IOCTLs, unprivileged users can overwrite several function pointers within these drivers. Vendor was notified. No response received. State: Unpatched. Products affected: CA Internet Security, CA Personal Firewall... Advisory http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38 Driver: kmxfw.sys Version: 6.5.4.31 Exploit #1 http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=39 Driver: kmxstart.sys Version: 6.5.4.10 Exploit #2 http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=40 Greets, Rubén Santamarta ------------------- www.reversemode.com Advanced Reverse Engineering Services
Powered by blists - more mailing lists