RSA patches Web authentication tool

Security company RSA has patched a vulnerability in its Web authentication software. RSA is advising customers to update software for its Authentication Agent for Web for Internet Information Service, after researcher Gary O'Leary-Steele discovered a flaw which could allow hackers to execute arbitrary code.

On its Web site Secunia said that the vulnerability occurred from a boundary error. "(It) can be exploited to cause a heap-based buffer overflow by sending an overly long 'chunk' of data via the chunked-encoding mechanism." The vulnerability exists in versions 5, 5.2 and 5.3 of the product. Click here to download the patch.

More from News.com on this story's topics

Authentication and encryption

Create an email alert | RSS feed

EMC

RSS feed

See more CNET content tagged:
RSA Security Inc., EMC Corp., vulnerability

Powered by Jive Software
RSS Feeds
Add headlines from CNET News.com to your homepage or feedreader.
Google
Yahoo
MSN
More feeds available in our RSS feed index.
Today's Top Stories
EA debuts new family, sports titles
Apple cuts price of flash-drive MacBook Air
LCD making worse for environment than coal?
Report: Yahoo sites get traffic boost from Google
Google Talk comes to the iPhone, iPod Touch
Most Popular Stories
Jobs, Apple directors face new backdating suit
'Netflix box' to carry more than just Netflix
IE 8 to have antimalware protection
Facebook-advertised boozefest spurs liquor ban
China's military tries out Segways
Markets

Market news, charts, SEC filings, and more

Related quotes

EMC (0.47%) 0.07 15.05
Dow Jones Industrials (0.65%) 73.03 11,288.54
S&P 500 (0.11%) 1.38 1,262.90
NASDAQ (-0.27%) -6.08 2,245.38
CNET TECH (0.00%) 0.00 1,580.18
  Symbol Lookup
Detroit auto show
Detroit auto show

Detroit auto show
advertisement
On CBS Sports: Get Mixed Martial Arts fight news
Advanced
search
Advanced
search
Visit other CBS Interactive sites