|
Kaspersky Anti-Virus "klif.sys" Denial of Service Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA20629
|
|
|
Release Date:
|
2006-06-14
|
|
Last Update:
|
2006-07-04
|
|
|
Critical:
|
Not critical
|
|
Impact:
|
DoS
|
|
Where:
|
Local system
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Kaspersky Anti-Virus 5.x
Kaspersky Anti-Virus 6.x
Kaspersky Internet Security 6.x
|
| | CVE reference: | CVE-2006-3074 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
Skywing has discovered a vulnerability in Kaspersky Anti-Virus, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to missing validation of pointers supplied by user-space programs before they are used by custom system services installed by "klif.sys" to access memory. This can be exploited to cause the system to reboot due to invalid memory access.
The vulnerability has been confirmed in Kaspersky Anti-Virus 6.0.0.300 and Kaspersky Internet Security 6.0.0.300. Other versions may also be affected.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
Solution:
A fix was issued on 2006-06-30 via regular database update.
Provided and/or discovered by:
Skywing
Changelog:
2006-06-20: Added CVE reference.
2006-07-04: Updated "Solution" section.
Original Advisory:
Kaspersky:
http://www.kaspersky.com/technews?id=189221798
Skywing:
http://uninformed.org/index.cgi?v=4&a=4&p=4
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
12 Related Secunia Security Advisories, displaying 10
|
|
|
1. Kaspersky Products kl1.sys Driver Buffer Overflow Vulnerability
|
|
2. Kaspersky AntiVirus klif.sys Hooked Functions Denial of Service
|
|
3. Kaspersky Products Multiple Vulnerabilities
|
|
4. Kaspersky Anti-Virus Engine UPX Processing Denial of Service
|
|
5. Kaspersky Antivirus PE File Handling Denial of Service
|
|
6. Kaspersky Labs Anti-Virus IOCTL Privilege Escalation
|
|
7. Kaspersky Anti-Virus Engine CHM File Parsing Buffer Overflow
|
|
8. Kaspersky Anti-Virus CAB Archive Handling Buffer Overflow
|
|
9. Kaspersky Anti-Virus Insecure Log Directory Security Issue
|
|
10. Kaspersky Anti-Virus "klif.sys" Privilege Escalation Vulnerability
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
