[TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption

[Tobias Klein <tk () trapkit de>]

The kernel driver KmxFw.sys shipped with various CA products contains a
vulnerability in the code that handles IOCTL requests. Exploitation of
this vulnerability can result in:

1) local denial of service attacks (system crash due to a kernel panic),
    or

2) local execution of arbitrary code at the kernel level (complete
    system compromise)

A full technical description can be found in the advisory available at:
http://www.trapkit.de/advisories/TKADV2008-006.txt

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/