Lucene search

[email protected]CVE-2001-0960

HistorySep 15, 2001 - 4:00 a.m.

CVE-2001-0960

2001-09-1504:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0960

computer associates

arcserve

security vulnerability

cleartext credentials

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.5%

JSON

Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges.

CPENameOperatorVersion
ca:arcserve_backup_2000ca arcserve backup 2000eq*
broadcom:arcserve_backup_2000broadcom arcserve backup 2000eq*
broadcom:arcserve_backupbroadcom arcserve backupeq6.61

CPE	Name	Operator	Version
ca:arcserve_backup_2000	ca arcserve backup 2000	eq	*
broadcom:arcserve_backup_2000	broadcom arcserve backup 2000	eq	*
broadcom:arcserve_backup	broadcom arcserve backup	eq	6.61

References

archives.neohapsis.com/archives/bugtraq/2001-09/0137.html

support.ca.com/Download/patches/asitnt/QO00945.html

www.securityfocus.com/bid/3343

exchange.xforce.ibmcloud.com/vulnerabilities/7122

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.5%

JSON

Related for CVE-2001-0960

cvelist1 nessus1