lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <649CDCB56C88AA458EFF2CBF494B620401BCDDC3@USILMS12.ca.com>
Date: Tue, 21 Nov 2006 18:49:56 -0500
From: "Williams, James K" <James.Williams@...com>
To: <bugtraq@...urityfocus.com>
Subject: RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities. 


> -----Original Message-----
> From: Reversemode [mailto:advisories@...ersemode.com] 
> Sent: Thursday, November 16, 2006 11:15 AM
> To: Securityfocus
> Subject: [Reversemode advisory] Computer Associates HIPS 
> Drivers - multiple local privilege escalation vulnerabilities. 
> 
> 
> Computer Associates "Host Intrusion Prevention System" Engine Drivers
> are prone to multiple local privilege escalation vulnerabilities.
> Unprivileged users can take advantage of these flaws in order 
> to execute arbitrary code with kernel privileges.
> 
> Two drivers are affected, kmxstart.sys and kmxfw.sys. These 
> drivers hook TDI and NDIS. 

[...snip...]

Rubén, Reversemode,
Thanks for the report.

Bugtraq,
CA has been aware of this issue since 2006-11-16, 
and we are currently working on a solution.  If you
have questions or concerns, please send email to 
vuln AT ca DOT com.

Regards,
Ken

Ken Williams ; 0xE2941985
Director, CA Vulnerability Research
W: 816.686.8742 ; M: 816.914.4225

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ