January 25, 2006 3:03 PM PST

Warning out on serious CA software flaw

By Joris Evers
Staff Writer, CNET News

Related Stories

CA nabs help-desk software company

 January 11, 2006

Veritas issues patch for NetBackup flaw

 October 13, 2005

CA fixes bugs in multiple products

 August 22, 2005

CA plugs serious hole in backup software

 August 3, 2005

A security vulnerability in Computer Associates' iTechnology iGateway service could put systems running the software at risk of serious attacks, experts have warned. A remote attacker could gain complete control over systems on Windows platforms, and other platforms may allow for a denial-of-service attack, according to an advisory posted Tuesday by security intelligence firm French Security Incident Response Team. The FrSIRT rates the issue "critical."

The iTechnology iGateway is part of various Computer Associates products, including BrightStor backup, eTrust security and Unicenter management software. A heap-overflow vulnerability exists because the software fails to perform boundary checks before copying user-supplied data into specific process buffers, according to an advisory on Symantec's DeepSight intelligence service. CA has published a security advisory along with fixes for its products.

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

ie8 fix

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

Markets

Market news, charts, SEC filings, and more

Related quotes

Computer Associates International Inc. (-0.16%) -0.04 25.12
Dow Jones Industrials (-0.60%) -74.92 12,454.83
S&P 500 (-0.22%) -2.86 1,317.82
NASDAQ (-0.07%) -1.85 2,837.53
CNET TECH (-0.20%) -4.05 2,040.30
  Symbol Lookup
ie8 fix
  • Recently Viewed Products
  • My Lists
  • My Software Updates
  • Promo
  • Log In | Join CNET