In association with heise online

22 July 2011, 10:25

CA Gateway Security vulnerable

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

CA Logo CA is warning of a critical vulnerability in its Gateway Security 8.1 business security solution that allows attackers to inject malicious code into systems. According to the Zero Day Initiative, special HTTP requests to port 8080 can be used to remotely write code into critical areas of the heap, and the arbitrary code can then be executed within the context of the Gateway Security service.

The company has provided a fix for Gateway Security. Alternatively, users can upgrade to version 9.0. Users of Total Defense Suite r12 are also advised to take action quickly as the vulnerable version of Gateway Security is part of this security package.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit