A stack of vulnerabilities has surfaced in Windows versions of CA's BrightStor ArcServe backup software. The holes are rated 'moderately critical' by Secunia, and CA has now released patches for them.
Some of the vulnerabilities were first reported as long ago as last November, when ISS X-Force and TippingPoint updated their firewalls to block them.
- ISS said the vulnerabilities it found involved using specially-crafted RPC requests to cause a stack-based overflow in Windows versions of the widely-used backup program. It added that ArcServe users need to apply the CA patches, even if any attack should in theory be stopped by their firewall.
Source : http://www.techworld.com
No comments:
Post a Comment