CA Vulnerability Affects More than Current Users

Well after CA published information about a widespread vulnerability in its license manager software, a security firm has reported that even companies that have done nothing more than evaluate and then uninstall CA software may be vulnerable.

 By Michael Hall | Posted Mar 14, 2005

Admins who didn't move quickly to patch a widespread vulnerability in software from Computer Associates should reconsider: One of the security firms that unearthed the flaw in the first place says code that exploits the flaw has been found on the Web. Worse, companies that have evaluated CA software but later uninstalled it may still be at risk.

CA and security firm eEye first reported a flaw in CA's license manager software on March 2. The vulnerability was noteworthy because it involved a number of CA software packages across all the company's supported architectures. CA released a patch the day the vulnerability was made public. On March 7, the Hat-Squad Security Group published an exploit for the vulnerability.

Since then, eEye has released a freely available application that scans systems for the vulnerability. Adding an unfortunate wrinkle to the situation is the fact that eEye reports users who have evaluated CA software but later removed it might still be vulnerable to the flaw.

"Even if the program was removed manually, the License Manager code that includes the vulnerabilities could potentially still be on the machine, thus enabling an attacker to take control of the system remotely," the company reports.

"The CA flaws are particularly tricky, as even those that diligently removed any CA products they may have evaluated are still at risk," said Firas Raouf, chief operating officer at eEye.
