CVE-2008-2926 - Vulnerability Details - OpenCVE

The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Broadcom	Internet Security Suite
Ca	Host Based Intrusion Prevention System Internet Security Suite 2008 Personal Firewall 2007 Personal Firewall 2008

Configuration 1 [-]

OR	cpe:2.3:a:broadcom:internet_security_suite:3.0:::::::*
	cpe:2.3:a:ca:host_based_intrusion_prevention_system:r8:::::::*
	cpe:2.3:a:ca:internet_security_suite_2008::::::::
	cpe:2.3:a:ca:personal_firewall_2007::::::::
	cpe:2.3:a:ca:personal_firewall_2008::::::::

No data.

References

Link	Providers
http://secunia.com/advisories/31434
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559
http://www.securityfocus.com/archive/1/495397/100/0/threaded
http://www.securityfocus.com/bid/30651
http://www.securitytracker.com/id?1020658
http://www.securitytracker.com/id?1020659
http://www.securitytracker.com/id?1020660
http://www.vupen.com/english/advisories/2008/2339
https://exchange.xforce.ibmcloud.com/vulnerabilities/44392

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-08-12T23:00:00

Updated: 2024-08-07T09:21:34.505Z

Reserved: 2008-06-30T00:00:00

Link: CVE-2008-2926

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2008-08-12T23:41:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-2926

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-08-11T00:00:00", "descriptions": [{"lang": "en", "value": "The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2008-2339", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2339"}, {"name": "1020660", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020660"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"}, {"name": "20080812 CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"}, {"name": "31434", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31434"}, {"name": "1020658", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020658"}, {"name": "30651", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30651"}, {"name": "ca-kmxfw-privilege-escalation(44392)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"}, {"name": "1020659", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020659"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2926", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2008-2339", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2339"}, {"name": "1020660", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020660"}, {"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559", "refsource": "CONFIRM", "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"}, {"name": "20080812 CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"}, {"name": "31434", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31434"}, {"name": "1020658", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020658"}, {"name": "30651", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30651"}, {"name": "ca-kmxfw-privilege-escalation(44392)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"}, {"name": "1020659", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020659"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:21:34.505Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2008-2339", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2339"}, {"name": "1020660", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020660"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"}, {"name": "20080812 CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"}, {"name": "31434", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31434"}, {"name": "1020658", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020658"}, {"name": "30651", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/30651"}, {"name": "ca-kmxfw-privilege-escalation(44392)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"}, {"name": "1020659", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020659"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2926", "datePublished": "2008-08-12T23:00:00", "dateReserved": "2008-06-30T00:00:00", "dateUpdated": "2024-08-07T09:21:34.505Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "285013A5-E058-4B2B-B8B6-1BFF72388589", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:host_based_intrusion_prevention_system:r8:*:*:*:*:*:*:*", "matchCriteriaId": "051FF92A-292B-4F5F-929C-4F0E654F4B87", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*", "matchCriteriaId": "0281F80B-CF9C-482D-B7A9-3B2651BD0567", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:personal_firewall_2007:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DFE4A13-0C9A-44A9-B74F-7E87D0F8DE4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:personal_firewall_2008:*:*:*:*:*:*:*:*", "matchCriteriaId": "853DBC05-6624-43CD-A9E3-65F93B58BB99", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request."}, {"lang": "es", "value": "El Controlador kmxfw.sys en el Sistema de prevenci\u00f3n de intrusiones basado en Host (Host-Based Intrusion Prevention System) r8 (HIPS-r8), como el utilizado en CA Internet Security Suite and Personal Firewall, no verifica de forma adecuada las peticiones IOCTL, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) o posiblemente, obtengan privilegios a trav\u00e9s de peticiones manipuladas.\r\n\r\n"}], "id": "CVE-2008-2926", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-08-12T23:41:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/31434"}, {"source": "cve@mitre.org", "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/30651"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020658"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020659"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020660"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2339"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/31434"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/30651"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1020658"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1020659"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1020660"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2339"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}