BUGTRAQ ID: 30651
CVE ID:CVE-2008-3174
CVE-2008-2926
CNCVE ID:CNCVE-20083174
CNCVE-20082926
CA HIPS包含漏洞允许本地攻击者导致系统崩溃或任意代码执行。漏洞是由于kmxfw.sys驱动不充分验证IOCTL请求引起的,攻击者发送IOCTL请求可导致系统崩溃或执行任意代码。
另外kmxfw.sys驱动不充分的验证可导致应用程序崩溃,造成拒绝服务攻击。
目前没有详细漏洞细节提供。
Computer Associates Personal Firewall 2008
Computer Associates Personal Firewall 2007
Computer Associates Internet Security Suite 2008 0
Computer Associates Internet Security Suite 2007 0
Computer Associates Host-Based Intrusion Prevention System r8
可参考如下供应商提供的补丁:
Computer Associates Host-Based Intrusion Prevention System r8
Computer Associates RO00535.CAZ
<a href target=“_blank”>FTP://ftp.ca.com/CAproducts/unicenter/CAHIPS/nt/0703/RO00535.CAZ</a>