|
|
|
View Notes By
|
|
|
|
Other Documents
|
|
|
|
|
RSA Security Information for VU#790533
| Date Notified: | 2005-05-06 |
| Date Updated: | |
| Statement Date: | |
| Status Summary: | Unknown |
Vendor StatementRSA Security has recently discovered and fixed a potential security vulnerability in the following RSA Authentication Agent for Web software:
- RSA Authentication Agent 5.3 for Web for IIS
This issue has been addressed and thoroughly qualified by RSA Security. RSA Security is not aware of any security breaches resulting from this vulnerability.
Description:
- The RSA Authentication Agent for Web 5.3 for IIS can be exploited with a heap overflow condition
Implication:
- A heap overflow condition causes IIS to crash on Windows 2000
Action Taken by RSA Security:
RSA has created a security patch to eliminate this vulnerability to be applied to the following:
- RSA Authentication Agent 5.3 for Web for IIS
Recommendation:
RSA Security recommends that all customers currently using RSA Authentication Agents 5.3 for Web software apply the security patches available now on the RSA SecurCare Online site. Doing so eliminates this vulnerability.
Getting Security Fixes:
To get this new patch and documentation, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com and click "Downloads" in the left navigation menu. Then, click "Fixes by Product", click "RSA SecurID", and "Authentication Agent 5.x", and select the downloads and documentation that pertain to your environment.Vendor InformationThe vendor has not provided us with any further information regarding this vulnerability.
AddendumUS-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us
email.
|
 |
