Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0960

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-0960
Last Modified 10 Sep 2008 03:09:20
Published 15 Sep 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0960

Summary

Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges.

Vulnerable Systems

Application

  • Ca Arcserve Backup 2000

  • Ca Arcserve Backup 6.61


References

BID - 3343

MISC - http://support.ca.com/Download/patches/asitnt/QO00945.html

BUGTRAQ - 20010915 ARCserve 6.61 Share Access Vulnerability

XF - arcserve-aremote-plaintext(7122)


Last Updated: 27 May 2016 10:36:28