FYI, we have published a fix for this issue. https://support.ca.com/irj/portal/anonymous/solndtls?aparNo=RO33517&os=W INDOWS&actionID=3 A formal security notice will be published next week. Thanks and regards, Ken Williams, Director CA Technologies Product Vulnerability Response Team CA Technologies Business Unit Operations wilja22@xxxxxx -----Original Message----- From: Williams, James K Sent: Tuesday, July 26, 2011 1:12 PM To: bugtraq@xxxxxxxxxxxxxxxxx Subject: Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials CA Technologies is aware of ARCserve D2D vulnerability and exploit details that were posted to BugTraq on 2011-07-26. We're currently reviewing the information and will post an update after we have completed our initial investigation. Thanks and regards, Ken Williams, Director CA Technologies Product Vulnerability Response Team CA Technologies Business Unit Operations wilja22@xxxxxx
