Home > Security News > CA works to patch BrightStor flaws
Security News:
EMAIL THIS LICENSING & REPRINTS

CA works to patch BrightStor flaws

By Bill Brenner, Senior News Writer
21 May 2007 | SearchSecurity.com

Security Wire Daily News
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google

CA is working to patch flaws in various versions of its BrightStor product that attackers could exploit to cause a denial of service. Aliso Viejo, Calif.-based eEye Digital Security warned that proof-of-concept attack code is available and that digital miscreants could cook up some serious exploits against the flaw with a bit of tweaking.

"Although the proof-of-concept does not reach an exploitable condition, mildly altering the proof-of-concept will," eEye said in an advisory. "The vendor has labeled the specific denial-of-service vulnerabilities with a medium severity. However, because of the simplicity to demonstrate an exploitable condition by altering the supplied proof of concept, eEye Research is designating these vulnerabilities as high severity."

The flaw could be exploited anonymously against BrightStor, allowing a remote attacker to run malicious code and obtain full system access, eEye said.

CA said in an advisory that it's aware that two functional exploit code samples were publicized May 16. "These two denial-of-service exploits are associated with vulnerabilities in CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe," CA said. "We have verified that vulnerabilities do exist, and we are now working on a patch to address the issues."

To mitigate the threat, CA suggests users rename the "mediasvr.exe" file to a non-functional file name, such as "mediasvc.exe.disable," then restart the CA BrightStor Tape Engine service. This disables command line functionality within BrightStor, CA said.

Symantec plugs Norton ActiveX flaw
Symantec Corp. has patched a flawed ActiveX control in its Norton security products that attackers could exploit to run malware on targeted machines.

An ActiveX control used by Norton Personal Firewall 2004 and Norton Internet Security 2004 contains a buffer overflow vulnerability, Cupertino, Calif.-based Symantec said in an advisory. Norton Internet Security is a software package for Microsoft Windows systems that includes antivirus, firewall, spam and content filtering, intrusion detection and privacy protection.

"The error occurs in the Get() and Set() functions used by ISAlertDataCOM, which is part of ISLALERT.DLL," the vendor said. "A successful exploit of this vulnerability could potentially allow the remote execution of code on a vulnerable system, with the rights of the logged-in user."

To successfully exploit the flaw, Symantec said an attacker would need to trick the user into viewing a specially crafted HTML document.

"This type of attack is often achieved by sending email containing a link to the malicious site, and persuading the recipient to click on the link," the company noted. "Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue."

Symantec product engineers confirmed that the issue affects Norton Personal Firewall and Norton Internet Security 2004 only. Product updates to correct the problem are available through LiveUpdate.

Unicode flaw hits Cisco, other vendors
Cisco Systems has acknowledged a flaw digital miscreants could exploit in its Intrusion Prevention System (IPS) and Internetwork Operating System (IOS) with Firewall/IPS Feature Set to evade security restrictions and launch attacks. Cisco is not the only vendor affected. Researchers believe more than 90 security tools from different vendors may be at risk, and 3com Corp.'s TippingPoint division has confirmed it is among those affected.

The flaw was reported by the United States Computer Emergency Readiness Team (US-CERT) and originally discovered by researchers Fatih Ozavci and Caglar Cakici of Turkish security firm GamaSec. The researchers discovered that online outlaws could evade Cisco's IPS and firewall to secretly scan and attack targeted systems by encoding their attacks with a full-width or half-width Unicode character set.

No fix or workaround is currently available, Danish vulnerability clearinghouse Secunia noted in its advisory on the flaw.

The specific product versions affected by the flaw are Cisco Intrusion Prevention System (IPS) versions 4 and 5, and IOS versions 10, 11 and 12.



Tags: Web Application Security (Also see Web Access Control)Mobile Code (Active X, JavaScript)VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google




More Tips to Secure Your Network
Focused on Channel Security?
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts