Information Technology Services: Alerts Archive

ALARM Group ALERTclick for a description of ALARM, The Computing Alert System
Alert Number:  080805-01
Alert Date:  08/08/05
Alert Title:  Update superseded for Computer Associates BrightStor ARCserve vulnerability
Update-to:  080405-01 Increased Scanning activity for Computer Associates BrightStor ARCserve vulnerability
OS/Platform/Application: 
Computer Associates BrightStor ARCserve Backup r11.1 Agent for SQL for Windows
Computer Associates BrightStor ARCserve Backup r11.1 Agent for Oracle for Windows
Computer Associates BrightStor ARCserve Backup r11.1 Agent for SAP R/3 for Windows
Computer Associates BrightStor ARCserve Backup r11.1 Agent for Microsoft Exchange Premium Add-on for Windows
Category:  UPDATE
Severity:  MEDIUM
Attention:  System Administrators that use any of the above-listed BrightStor products.

Summary:  Computer Associates has withdrawn one of its security updates (originally released on August 4, 2005) and replaced it with a new update following the discovery of a buffer overflow vulnerability.

Recommended Actions:  System administrators are encouraged to read the vulnerability information (see link below) and if appropriate install the patches immediately.

ITS Actions:  At this time, ITS is taking no specific actions to address this patch progression. An update will be issued if any new actions are taken.

Resources:
Computer Associates Update info
Computer Associates Knowledge Base Article (details the update)

University at Albany homepage