CA Personal Firewall 'kmxfw.sys' Driver Bug Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1020663 |
|
SecurityTracker URL: http://securitytracker.com/id/1020663
|
|
CVE Reference:
CVE-2008-3174
(Links to External Site)
|
Date: Aug 12 2008
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 2007, 2008
|
Description:
A vulnerability was reported in CA Personal Firewall. A remote or local user can cause denial of service conditions.
A remote or local user can send specially crafted data to trigger an unspecified input validation flaw in the 'kmxfw.sys' driver and cause denial of service conditions.
Elazar Broad reported this vulnerability.
|
Impact:
A remote or local user can cause denial of service conditions.
|
Solution:
The vendor has issued a fix (Engine 1.2.276 and later), available automatically.
The vendor's advisory is available at:
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560
|
Vendor URL: www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560 (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 12 Aug 2008 09:14:29 -0400
Subject: http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560
|
CVE-2008-3174
|
|
