Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1346

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2001-1346
Last Modified 10 Sep 2008 03:10:20
Published 18 May 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2001-1346

Summary

Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp.

Vulnerable Systems

Application

  • Ca Arcserve Backup 6.61

  • Ca Arcserve Backup 6.63


References

BUGTRAQ - 20010518 tmp-races in ARCservIT Unix Client

BID - 2748

BID - 2741


Last Updated: 27 May 2016 10:36:38