Privilege escalation via Panda Security Suite
A driver in Panda's Internet Security 2008 and Antivirus+Firewall 2008 allows local users to escalate their system privileges and take complete control of the system. The vendor has now released hotfixes which fix the security vulnerability for the affected products.
According to the vulnerability's discover Tobias Klein, the vulnerability affects the cpoint.sys kernel driver. The driver processes ‘IOCTLs', – input and output requests – to the driver, without adequately checking the values passed to it. This can result in kernel memory being overwritten and execution of code with full system privileges.
Panda has confirmed the existence of the bug and has released downloadable hotfixes which users should install as soon as possible.
See also:
- Panda Internet Security/Antivirus+Firewall 2008 cpoint.sys Kernel Driver Memory Corruption Vulnerability, security advisory from Tobias Klein
- Vulnerability detected in the Internet protection level control in Panda Internet Security 2008, security advisory and hotfix download from Panda
- Vulnerability detected in the Internet protection level control in Panda Antivirus + Firewall 2008, security advisory and hotfix download from Panda
(mba)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
