Info

Disclosure

Apr 04, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A local overflow exists in Kaspersky Anti-Virus. The_NtSetValueKey() function in the klif.sys file fails to properly parse the data size argument resulting in a kernel heap overflow. With a specially crafted request, an attacker can cause corruption of kernel memory and may let an attacker overwrite a nearly arbitrary amount of kernel heap memory with arbitrary data resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Private
Disclosure: OSVDB Verified
OSVDB: Security Software

Solution

Upgrade to version 6.0.2.614 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Kaspersky Lab	Kaspersky Anti-Virus for Windows Workstations	6.0.1.411
Kaspersky Lab	Kaspersky Anti-Virus for Windows File Servers	6.0.1.411

References

Security Tracker: 1017872 1017873
CVE ID: 2007-1880 (see also: NVD)
Bugtraq ID: 23326
Secunia Advisory ID: 24778
ISS X-Force ID: 33460
Related OSVDB ID: 33848 33849 33850 33852
VUPEN Advisory: ADV-2007-1268
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0106.html
Other Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=505
Vendor URL: http://www.kaspersky.com/
Vendor Specific Advisory URL: http://www.kaspersky.com/technews?id=203038693
http://www.kaspersky.com/technews?id=203038694

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/33851

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Kaspersky Lab

Kaspersky Anti-Virus for Windows Workstations

Kaspersky Anti-Virus for Windows File Servers

References

Credit