January 25, 2006 3:03 PM PST

Warning out on serious CA software flaw

By Joris Evers
Staff Writer, CNET News.com

Related Stories

CA nabs help-desk software company

 January 11, 2006

Veritas issues patch for NetBackup flaw

 October 13, 2005

CA fixes bugs in multiple products

 August 22, 2005

CA plugs serious hole in backup software

 August 3, 2005

A security vulnerability in Computer Associates' iTechnology iGateway service could put systems running the software at risk of serious attacks, experts have warned. A remote attacker could gain complete control over systems on Windows platforms, and other platforms may allow for a denial-of-service attack, according to an advisory posted Tuesday by security intelligence firm French Security Incident Response Team. The FrSIRT rates the issue "critical."

The iTechnology iGateway is part of various Computer Associates products, including BrightStor backup, eTrust security and Unicenter management software. A heap-overflow vulnerability exists because the software fails to perform boundary checks before copying user-supplied data into specific process buffers, according to an advisory on Symantec's DeepSight intelligence service. CA has published a security advisory along with fixes for its products.

Powered by Jive Software
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News.com to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement

Inside CNET News

Scroll Left Scroll Right
News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
Dell
PlayStation 3
Wii
Windows Vista
CNET sites
CNET TV
Downloads
Forums
News
Reviews
Site map
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET