CVE - CVE-2008-2926

CVE-ID
CVE-2008-2926	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:30651 URL:http://www.securityfocus.com/bid/30651 BUGTRAQ:20080812 CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities URL:http://www.securityfocus.com/archive/1/495397/100/0/threaded CONFIRM:http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559 SECTRACK:1020658 URL:http://www.securitytracker.com/id?1020658 SECTRACK:1020659 URL:http://www.securitytracker.com/id?1020659 SECTRACK:1020660 URL:http://www.securitytracker.com/id?1020660 SECUNIA:31434 URL:http://secunia.com/advisories/31434 VUPEN:ADV-2008-2339 URL:http://www.vupen.com/english/advisories/2008/2339 XF:ca-kmxfw-privilege-escalation(44392) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/44392
Assigning CNA
MITRE Corporation
Date Record Created
20080630	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20080630)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)