By a manipulated ipv6 packet to send to someone who Kaspersky Internet Security 2013 or another package with the Kaspersky firewall has ge lwa installed, a malicious system crash. That has a German beveiligingsonderzoeker discovered.
Abuse of the bug is relatively simple, writes researcher Marc Real on the Full Disclosure mailing list. Using a special toolkit for Linux can the modified ipv6 packets to a host to be sent. It has Internet Security 2013 or other similar Kaspersky software with a firewall, then freezes the computer. After a reboot the system functions again.
The attack uses fragmented ipv6 packets with different extension headers, of which there are a large amount of characters. The attack is only to establish if a user is using ipv6 can be approached. That is on a local network always the case, if a user has ipv6 enabled. On Windows, since Vista by default.
Real says that he Kaspersky on 21 January and on 14 February informed, but no response has had. Therefore, he has his findings now made public. He advises users to Kaspersky-software, temporarily uninstall until the issue is resolved, or to the ndis filter of Kaspersky off.
In a reaction towards a reporter from IDG reports Kaspersky that the problem is known and that it will soon be with an automatic update will be fixed. Who now already have a patch like you can get it at Kaspersky. The company emphasizes that it is not possible to misuse of computers affected, other than the crash. Why Kaspersky does not have an answer given on the reports of Real, remains unclear.