RSA patches Web authentication tool

By Dan Ilett
Special to CNET News.com

Security company RSA has patched a vulnerability in its Web authentication software. RSA is advising customers to update software for its Authentication Agent for Web for Internet Information Service, after researcher Gary O'Leary-Steele discovered a flaw which could allow hackers to execute arbitrary code.

On its Web site Secunia said that the vulnerability occurred from a boundary error. "(It) can be exploited to cause a heap-based buffer overflow by sending an overly long 'chunk' of data via the chunked-encoding mechanism." The vulnerability exists in versions 5, 5.2 and 5.3 of the product. Click here to download the patch.

See more CNET content tagged:
RSA Security Inc., EMC Corp., vulnerability

Latest tech news headlines

Author says Google lacks 'emotional intelligence'
Posted in News - Digital Media by Kara Swisher, AllThingsD

November 12, 2009 6:27 AM PST
Intel to pay AMD $1.25 billion in antitrust settlement
Posted in News - Business Tech by Jonathan Skillings

November 12, 2009 6:21 AM PST
Clicker launches for all today. Watch it.
Posted in Webware by Rafe Needleman

November 12, 2009 6:00 AM PST
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets: Market news, charts, SEC filings, and more; Related quotes; EMC (0.00%) 0.00 16.99; Dow Jones Industrials (0.00%) 0.00 10,291.26; S&P 500 (0.00%) 0.00 1,098.51; NASDAQ (0.00%) 0.00 2,166.90; CNET TECH (0.00%) 0.00 1,579.79

Inside CNET News

Scroll Left Scroll Right

Business Tech
Intel to pay AMD $1.25 billion in antitrust settlement
AMD will drop all pending litigation, and Intel agrees to "abide by a set of business practice provisions." The chipmakers will work from a new five-year cross-license agreement.
Gallery
Images: iPhone games graphics showdown
Technically Incorrect
Microsoft exec: Mac OS inspired Windows 7
Simon Aldous, Microsoft's partner group manager, says the company looked at the Mac's graphical nature and ease of use and tried to create a "Mac look."
Beyond Binary
Bing getting a fall refresh
Microsoft's search engine is getting improved preview results as well as some new health information licensed from Wolfram's Alpha.
Video
Exploratorium's shocking 40th anniversary kicks off
Digital Media
Author says Google lacks 'emotional intelligence'
Ken Auletta, who just wrote "Googled: The End of the World as We Know It," says the search giant need to focus less on engineering and more on the fears of its growing power.
Video
A new workout for the Wii
The Social
Twitter issues mulligan on new 'retweet' feature
Twitter developer chat logs reveal that fresh new feature was pulled temporarily to fix some bugs.
Military Tech
Remote-control gun turrets, made for Italy
Italian defense department orders Hitrole remote-controlled machine gun turrets to enable soldiers in Afghanistan to aim and fire without exposing themselves to attack.
Gallery
Images: Firefox through the ages
Webware
Clicker launches for all today. Watch it.
This is the best TV search engine we've seen.
Green Tech
Powering cell phone towers with wind
Southern California pilot program to test Helix Wind's small wind turbines to run cell phone towers.