News

CA patch vulnerability

Tash Shifrin

Computer Associates has released a patch for its BrightStor ARCserve and Enterprise Backup systems after a bug that could allow hackers to take control of users’ systems was detected.

The software delivers backup and restore protection for all Windows server systems as well as Windows, Linux, Mac OS X and Unix client environments.

The buffer overflow vulnerability in the Brightstor software was originally identified by security firm iDefense in BrightStor ARCserve Backup Agent for Microsoft SQL Server version 11.0, but it was suspected that all versions might be vulnerable.

In an advisory notice, iDefense warned: “Successful exploitation allows remote attackers to execute arbitrary code with system  level privileges.
This allows for complete system compromise including the installation or removal of software and access to any file on the system.”

A CA advisory notice later warned that the flaw had been found in several versions of the software. Patches have now been provided to remedy the problem.


 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy