RSA patches Web authentication tool

By Dan Ilett
Special to CNET News.com Published: May 12, 2005 11:35 AM PDT

Tools

Security company RSA has patched a vulnerability in its Web authentication software. RSA is advising customers to update software for its Authentication Agent for Web for Internet Information Service, after researcher Gary O'Leary-Steele discovered a flaw which could allow hackers to execute arbitrary code.

On its Web site Secunia said that the vulnerability occurred from a boundary error. "(It) can be exploited to cause a heap-based buffer overflow by sending an overly long 'chunk' of data via the chunked-encoding mechanism." The vulnerability exists in versions 5, 5.2 and 5.3 of the product. Click here to download the patch.

More from News.com on this story's topics: Authentication and encryption
Create an email alert | RSS feed; EMC
RSS feed

See more CNET content tagged:
RSA Security Inc., EMC Corp., vulnerability

RSS Feeds: Add headlines from CNET News.com to your homepage or feedreader.; Google; Yahoo; MSN; More feeds available in our RSS feed index.

Today's Top Stories: EA debuts new family, sports titles; Apple cuts price of flash-drive MacBook Air; LCD making worse for environment than coal?; Report: Yahoo sites get traffic boost from Google; Google Talk comes to the iPhone, iPod Touch

Most Popular Stories: Jobs, Apple directors face new backdating suit; 'Netflix box' to carry more than just Netflix; IE 8 to have antimalware protection; Facebook-advertised boozefest spurs liquor ban; China's military tries out Segways

Markets: EMC (0.47%) 0.07 15.05; Dow Jones Industrials (0.65%) 73.03 11,288.54; S&P 500 (0.11%) 1.38 1,262.90; NASDAQ (-0.27%) -6.08 2,245.38; CNET TECH (0.00%) 0.00 1,580.18

Welcome (log out) |View profile

On CBS Sports: Get Mixed Martial Arts fight news

GE Interest Plus

RSA patches Web authentication tool

Authentication and encryption

EMC

Report offensive content:

E-mail this comment to a friend.