A security vulnerability in Computer Associates' iTechnology iGateway service could put systems running the software at risk of serious attacks, experts have warned. A remote attacker could gain complete control over systems on Windows platforms, and other platforms may allow for a denial-of-service attack, according to an advisory posted Tuesday by security intelligence firm French Security Incident Response Team. The FrSIRT rates the issue "critical."
The iTechnology iGateway is part of various Computer Associates products, including BrightStor backup, eTrust security and Unicenter management software. A heap-overflow vulnerability exists because the software fails to perform boundary checks before copying user-supplied data into specific process buffers, according to an advisory on Symantec's DeepSight intelligence service. CA has published a security advisory along with fixes for its products.
Mobile World Congress 2019: Get complete coverage from the world's biggest phone show.
Fortnite: Everything you need to know: Get the lowdown on Fortnite: Battle Royale, which is now in season 7.
Discuss: Warning out on serious CA software flaw
Be respectful, keep it civil and stay on topic. We delete comments that violate our policy, which we encourage you to read. Discussion threads can be closed at any time at our discretion.