Exploit code surfaces for CA vulnerability

By
Follow google news

Successful exploit could offer system-level access.

Exploit code surfaces for CA vulnerability
Companies that use Computer Associates storage software are being warned to update their systems after exploit code surfaced for a recently-patched vulnerability. 

The US Computer Emergency Response Team (US-Cert) reported that exploit code has been posted for a vulnerability in the CA Brightstor ARCserve Backup Media application. The exploit targets the 'mediasvr' component in the software. 

SecurityFocus said that the vulnerability is known to exist in at least nine of CA's server security and backup applications. 

Users can mitigate the vulnerability by installing a vendor patch released in January, according to SecurityFocus.

US-Cert does not list a solution for the vulnerability and advises administrators to restrict the use of remote procedure call commands.

SecurityFocus said that a successful exploit could offer system-level access to the target machine with the ability to remotely execute code. If the exploit attempt fails, a denial of service crash could be triggered.

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
cacodeexploitforsecuritysurfacesvulnerability

Sponsored Whitepapers

5 reasons to adopt a mobile first security strategy
5 reasons to adopt a mobile first security strategy
Uncomplicate IT Service Delivery with AI Agents
Uncomplicate IT Service Delivery with AI Agents
Getting ahead of the tech: what’s next for Australian organisations in digital transformation
Getting ahead of the tech: what’s next for Australian organisations in digital transformation
Fintech compliance made fast and secure
Fintech compliance made fast and secure
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide

Events

Most Read Articles

Supply chain attack hits 100 million-download Axios npm package

Supply chain attack hits 100 million-download Axios npm package
NAB is co-designing a SIEM with Databricks

NAB is co-designing a SIEM with Databricks
APRA pulls data submission system after security pentest

APRA pulls data submission system after security pentest
Councils push for federal shared security centre funding

Councils push for federal shared security centre funding
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?