CA Host-Based Intrusion Prevention System Client kmxIds.sys DoS (CA20090818)
High Nessus Plugin ID 40621
SynopsisA driver installed on the remote Windows host is affected by a denial of service vulnerability.
DescriptionThe remote Windows host contains a version of the 'kmxIds.sys' driver, a component of CA Host-Based Intrusion Prevention System Client, that does not correctly handle certain malformed network packets. A remote attacker can exploit this issue to cause a kernel crash.
SolutionUpgrade as necessary to CA Host-Based Intrusion Prevention System 8.1, install Cumulative Fix 1 RO10298 or later on the CA HIPS server, and ensure that an updated client installation image is installed on each client.