NEWS
A security vulnerability in CA's iTechnology iGateway service could put systems running the software at risk of serious attacks, experts have warned.
A remote attacker could gain complete control over systems on Windows platforms, and other platforms may allow for a denial of service attack, according to an advisory posted on Tuesday by security intelligence company the French Security Incident Response Team (FrSIRT). The FrSIRT rates the issue "critical".
The iTechnology iGateway is part of various CA products, including BrightStor back-up, eTrust security and Unicenter management software.
A heap-overflow vulnerability exists because the software fails to perform boundary checks before copying user-supplied data into specific process buffers, according to an advisory on Symantec's DeepSight intelligence service.
CA has published a security advisory along with fixes for its products.
Joris Evers writes for CNET News.com
