Issued: August 18, 2009
CA's support is alerting customers to a security risk with CA Host-Based Intrusion Prevention System. A vulnerability exists that can allow a remote attacker to cause a denial of service. CA has issued a patch to address the vulnerability.
The vulnerability, CVE-2009-2740, is due to the kmxIds.sys driver not correctly handling certain malformed packets. An attacker can send a malicious packet that will cause a kernel crash.
CA Host-Based Intrusion Prevention System 8.1
CA Host-Based Intrusion Prevention System 8.1 CF 1
How to determine if the installation is affected
|File Name||Version||Size (bytes)||Date|
|kmxIds.sys||188.8.131.52||163,840||June 03, 2009, 12:32:22 PM|
CA has issued the following patch to address the vulnerability.
CA Host-Based Intrusion Prevention System 8.1:
Install Cumulative Fix 1 RO10298.
CVE-2009-2740 - HIPS kmxIds.sys remote crash
CVE-2009-2740 - iViZ Security Research Team
Version 1.0: Initial Release
If additional information is required, please contact CA Support at https://support.ca.com.
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team.