CA HIPS Kmxfw.sys Driver Multiple Remote Vulnerabilities
High Nessus Plugin ID 33901
The remote host contains a kernel driver that is affected by multiple vulnerabilities.
The 'kmxfw.sys' kernel driver included with CA's Host-Based Intrusion Prevention System (HIPS) or a related security product installed on the remote host is affected by multiple vulnerabilities. - By sending specially crafted IOCTL requests, it may be possible for a local attacker to crash the system or execute arbitrary code with kernel level privileges. (CVE-2008-2926) - An unspecified flaw may allow a remote attacker to crash the system. (CVE-2008-3174)
Follow the instructions on the CA HIPS implementation guide to update the CA HIPS client, and ensure the 'kmxfw.sys' driver is version 18.104.22.168 or later.