TechTarget

Vulnerability found in RSA authentication

A UK Internet security company has discovered a vulnerability in the authentication software used by the US government to protect...

A UK Internet security company has discovered a vulnerability in the authentication software used by the US government to protect its most sensitive information.

ProCheckUp found a weakness in the ACE/Agent for Windows and ACE/Agent for Windows 2000 from e-security firm RSA Security while assessing the security of a large financial institution.

The flaw allows remote hackers to bypass the authentication mechanism provided by SecurID and to directly run programs and read files. ProCheckUp believes this could leave the file server open to other types of attacks, which can be modified to exploit the weakness, leaving the server potentially wide open.

For almost 20 years, the US government has used RSA Security technology to protect its top-secret material.

The discovery of a vulnerability in RSA's authentication software comes as the risk of cyber attacks has increased following the terrorist attacks on America and retaliatory bombing of Afghanistan.

ProCheckUp's technical director, Richard Brain, said: "The users of this software are mostly government agencies. In the current international climate, governments are under heightened threat from cyberattacks. It will be of the utmost concern to these agencies that their most sensitive data can be so easily viewed by unauthorised individuals."

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close