Exploit Out For CA Bugs, Eval Users Also At Risk
Posted by Benjamin D. Thomas   
Security Users of Computer Associates' products are now at an even greater risk, a security firm said Wednesday, because exploit code has appeared that takes advantage of vulnerabilities disclosed last week. Even more important, said Firas Raouf, the chief operating officer of eEye Digital Security, is that ex-users of CA products -- including those who only evaluated the company's security titles, but then later uninstalled them -- are vulnerable to attack.

The vulnerabilities were first reported March 2 by Computer Associates and a pair of security vendors, eEye and Reston, Va.-based iDefense. A bug in the licensing software used in virtually every Windows, Macintosh, Linux, and Unix title from CA could allow attackers to generate buffer overflows, and from there, run code of their choice on the machines. Computer Associates released patches that same day.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!