The Register® — Biting the hand that feeds IT

Feeds

CA shoves out BrightStor security fix

Hierarchical high risk

Cloud storage: Lower cost and increase uptime

CA has moved to fix a trio of high risk security holes in its popular BrightStor Hierarchical Storage Manager software.

Last week, CA posted an update to BrightStor HSM. The patch should help protect customers from holes in the CsAgent service that can permit the execution of harmful code by a remote attacker. Those of you running pre-11.6 HSM code will want to fix up your systems.

According to CA, one set of vulns results from "insufficient bounds checking with multiple CsAgent service commands." Another set stems from the "insufficient validation of strings used in SQL statements," while a third set of vulns comes from the "insufficient validation of strings used in SQL statements."

CA noted that researchers at iDefense discovered some of the issues. There's more from iDefense here. ®

Steps to Take Before Choosing a Business Continuity Partner

Latest Comments

Title

What is CA?

0
0

Invisible

Have been staring into this screen for a few hours, no reply.

Nobody - that means: None

0
0
Anonymous Coward

A turd by any other name...

Just one... Just show me one CA product that isn't a complete waste of bandwith or disk space... Anyone? Anyone?

0
0

More from The Register

SCO vs. IBM battle resumes over ownership of Unix
Zombie lawsuit back and wants to suck the brains out of Linux
 breaking news
You don't need phone lines or cable for ANYTHING, says Dish
The satellite-dish man can sort you out with phone and broadband over the air too
 breaking news
What's HP got under wraps? Looks awfully flash and tape shaped
What happens in Vegas won't stay there - we've got the details
Microsoft borks botnet takedown in Citadel snafu
Stupid Redmond kicked over our honeypots, wail white hats
IBM's $1bn layoffs latest: Now axe swings in US, Canada - reports
Union claims 121 storage bods canned after dismal sales
NetApp musters muscular cluster bluster for ONTAP busters
Storage array OS overhauled to juggle more nodes, go down on you, er, less
HP adds 'Haswell' Xeon E3s to entry ProLiant servers
Gussies up MicroServer for SMBs, adds baby switches