Skip to content

Whitepapers
| The Channel

Data Center > Storage

CA shoves out BrightStor security fix

Hierarchical high risk

By Ashlee Vance, 30th September 2007

Cloud storage: Lower cost and increase uptime

CA has moved to fix a trio of high risk security holes in its popular BrightStor Hierarchical Storage Manager software.

Last week, CA posted an update to BrightStor HSM. The patch should help protect customers from holes in the CsAgent service that can permit the execution of harmful code by a remote attacker. Those of you running pre-11.6 HSM code will want to fix up your systems.

According to CA, one set of vulns results from "insufficient bounds checking with multiple CsAgent service commands." Another set stems from the "insufficient validation of strings used in SQL statements," while a third set of vulns comes from the "insufficient validation of strings used in SQL statements."

CA noted that researchers at iDefense discovered some of the issues. There's more from iDefense here. ®

Steps to Take Before Choosing a Business Continuity Partner

COMMENTS

House Rules Send Corrections

All Reader Comments (3)

Latest Comments

Posted Monday 1st October 2007 10:01 GMT

Title

What is CA?

Posted Monday 1st October 2007 03:38 GMT

Invisible

Have been staring into this screen for a few hours, no reply.

Nobody - that means: None

Posted Sunday 30th September 2007 22:10 GMT

Anonymous Coward

A turd by any other name...

Just one... Just show me one CA product that isn't a complete waste of bandwith or disk space... Anyone? Anyone?

Whitepapers

IT infrastructure monitoring strategies

Secure support mobile device access to sensitive corporate IT resources with confidence.

What you need to know about cloud backup

This resource answers the common questions enterprises have about cloud backup and recovery including its security, affordability, and flexibility.

Enabling efficient data center monitoring

How IT Organizations see the Big Picture of their infrastructure using AccelOps’ unified SIEM, performance and availability monitoring software.

Agentless Backup is Not a Myth

Read this white paper to learn about the seven benefits agentless backup and recovery software delivers to complex enterprise environments.

Top 10 SIEM implementer’s checklist

An automated discovery driven approach that shortens your path to comprehensive monitoring and prevents security blind spots.

Search more Resources

More from The Register

SCO vs. IBM battle resumes over ownership of Unix

Zombie lawsuit back and wants to suck the brains out of Linux

REVEALED: The gizmo leaker Snowden used to smuggle out NSA files

You probably have one in your pocket

breaking news

You don't need phone lines or cable for ANYTHING, says Dish

The satellite-dish man can sort you out with phone and broadband over the air too

Most read

Spotlight

Gravity Trailer Still

Honey, I BLEW UP the International SPACE STATION - in full 3D

Dan Crain

Whiptail CEO: Big Blue's flashy BEELLION doesn't faze us

Rattlesnake

EMC's ViPR: Is it really that venomous?

Shane Robison

Former Fusion-io CEO just wasn't that into operations, says new broom

Sponsored links

The Channel