ID de Prueba:	1.3.6.1.4.1.25623.1.0.800154
Categoría:	Denial of Service
Título:	Kaspersky Anti-Virus 2010 'kl1.sys' Driver DoS Vulnerability
Resumen:	Kaspersky Anti-Virus 2010 is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: Kaspersky Anti-Virus 2010 is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to NULL pointer dereference in 'kl1.sys' driver via a specially-crafted IOCTL 0x0022c008 call. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary code with elevated privileges or cause the kernel to crash. Affected Software/OS: Kaspersky Anti-Virus 2010 before 9.0.0.736 on Windows. Solution: Update to version 9.0.0.736 or later. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4114 BugTraq ID: 37044 http://www.securityfocus.com/bid/37044 Bugtraq: 20091117 Kaspersky Anti-Virus 2010 <= 9.0.0.463 pointer dereference vulnerability (Google Search) http://www.securityfocus.com/archive/1/507933/100/0/threaded http://sysdream.com/article.php?story_id=323&section_id=78 http://osvdb.org/60207 http://www.securitytracker.com/id?1023198 http://secunia.com/advisories/37398 http://www.vupen.com/english/advisories/2009/3286 XForce ISS Database: kaspersky-kl1-privilege-escalation(54309) https://exchange.xforce.ibmcloud.com/vulnerabilities/54309
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.