CA shoves out BrightStor security fix
Hierarchical high risk
Posted in Storage, 30th September 2007 20:00 GMT
Join our expert panel in discussing application security
CA has moved to fix a trio of high risk security holes in its popular BrightStor Hierarchical Storage Manager software.
Last week, CA posted an update to BrightStor HSM. The patch should help protect customers from holes in the CsAgent service that can permit the execution of harmful code by a remote attacker. Those of you running pre-11.6 HSM code will want to fix up your systems.
According to CA, one set of vulns results from "insufficient bounds checking with multiple CsAgent service commands." Another set stems from the "insufficient validation of strings used in SQL statements," while a third set of vulns comes from the "insufficient validation of strings used in SQL statements."
CA noted that researchers at iDefense discovered some of the issues. There's more from iDefense here. ®
See what The Register's experts have to say on application security


Reducing messaging and web security costs with managed services
The security implications of Web 2.0
The future of SaaS and IT infrastructure management
Modular Services - Can Dell Deliver?

SUSE 11 takes off faster than 10
Freecom adds RFID to HDD
Intel to double SSD capacity
MacBook Air firmware update points to revamped batteries