CA patch vulnerability

News

CA patch vulnerability

Tash Shifrin

Computer Associates has released a patch for its BrightStor ARCserve and Enterprise Backup systems after a bug that could allow hackers to take control of users’ systems was detected.

The software delivers backup and restore protection for all Windows server systems as well as Windows, Linux, Mac OS X and Unix client environments.

The buffer overflow vulnerability in the Brightstor software was originally identified by security firm iDefense in BrightStor ARCserve Backup Agent for Microsoft SQL Server version 11.0, but it was suspected that all versions might be vulnerable.

In an advisory notice, iDefense warned: “Successful exploitation allows remote attackers to execute arbitrary code with system  level privileges.
This allows for complete system compromise including the installation or removal of software and access to any file on the system.”

A CA advisory notice later warned that the flaw had been found in several versions of the software. Patches have now been provided to remedy the problem.


 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
 

COMMENTS powered by Disqus  //  Commenting policy