NetIQ has released a patch to address a potential vulnerability in
Sentinel, specifically Sentinel Agent Manager. Although exploitation of
this vulnerability is unlikely, NetIQ takes the security of our products
and of our customer's systems very seriously, so we highly recommend
deploying this patch as soon as possible if you are using Sentinel Agent

Issue: A vulnerability exists in Sentinel Agent Manager due to improper
bounds checking on method input. The vulnerability could allow a
malicious web site or e-mail message to cause systems hosting Sentinel
Agent Manager components to crash, or to run arbitrary code within the
privilege context of the browser or e-mail client. (CVE-2014-3460; BUG

Fix: Sentinel Agent Manager, part of the Sentinel
release, disables the vulnerable method.

NetIQ generally recommends that customers upgrade all components in the
Sentinel environment, but in this case, customers who are unable to
immediately update all components to 7.2 can apply only the patch for
the Sentinel Agent Manager component. This is available on the
'PatchFinder site'
( For more
information, see the 'NetIQ Knowledge Base'

CeeDubbVA's Profile:
View this thread: