Multiple Panda Software Antivirus products cpoint.sys privilege escalation
| panda-antivirus-cpointsys-priv-escalation (41079) |  High Risk |
Description:
Multiple Panda Software products could allow a local attacker to gain elevated privileges on the system, caused by an error in the cpoint.sys driver. By sending a specially-crafted IOCTL request, an attacker could exploit this vulnerability to overwrite system memory or cause a denial of service and execute arbitrary code on the system with kernel level privileges.
*CVSS:
| Base Score: | 4.6 |
| Access Vector: | Local |
| Access Complexity: | Low |
| Authentication: | None |
| Confidentiality Impact: | Partial |
| Integrity Impact: | Partial |
| Availability Impact: | Partial |
| Temporal Score: | 3.4 |
| Exploitability: | Unproven |
| Remediation Level: | Official-Fix |
| Report Confidence: | Confirmed |
Consequences:
Gain Privileges
Remedy:
For Panda Internet Security 2008:
Apply the hotfix for this vulnerability (hfp120801s1.exe), available from the Panda Security Online Support Center Help Web site. See References.
For Panda Antivirus + Firewall 2008:
Apply the hotfix for this vulnerability (hft70801s1.exe), available from the Panda Security Online Support Center Help Web site. See References.
References:
- Panda Security Online Support Center Help Web site: Vulnerability detected in the Internet protection level control in Panda Internet Security 2008.
- Panda Security Online Support Center Help Web site: Vulnerability detected in the Internet protection level control in Panda Antivirus + Firewall 2008.
- Trapkit Security Advisory TKADV2008-001: Panda Internet Security/Antivirus+Firewall 2008 cpoint.sys Kernel Driver Memory Corruption Vulnerability.
- BID-28150: Panda Internet Security/Antivirus+Firewall 2008 CPoint.sys Memory Corruption Vulnerability
- CVE-2008-1471: The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory.
- SA29311: Panda Products cpoint.sys Privilege Escalation Vulnerabilities
- SECTRACK ID: 1019568: Panda Internet Security 'cpoint.sys' Driver Bug Lets Local Users Gain Kernel Level Privileges
- VUPEN/ADV-2008-0801: Panda Products cpoint.sys Driver Privilege Escalation Vulnerabilities
Platforms Affected:
- Panda Software Panda Antivirus + Firewall 2008
- Panda Software Panda Internet Security 2008
Reported:
Mar 10, 2008
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
* According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall IBM be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.