FYI, we have published a fix for this issue.
https://support.ca.com/irj/portal/anonymous/solndtls?aparNo=RO33517&os=W
INDOWS&actionID=3
A formal security notice will be published next week.
Thanks and regards,
Ken Williams, Director
CA Technologies Product Vulnerability Response Team
CA Technologies Business Unit Operations
[email protected]
-----Original Message-----
From: Williams, James K
Sent: Tuesday, July 26, 2011 1:12 PM
To: [email protected]
Subject: Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass /
Credentials
Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials
CA Technologies is aware of ARCserve D2D vulnerability and exploit
details that were posted to BugTraq on 2011-07-26. We're currently
reviewing the information and will post an update after we have
completed our initial investigation.
Thanks and regards,
Ken Williams, Director
CA Technologies Product Vulnerability Response Team
CA Technologies Business Unit Operations
[email protected]