ARCservIT 6.61/6.63 Client inetd.tmp Arbitrary File Overwrite Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2748/info ARCservIT from Computer Associates contains a vulnerability which may allow malicious local users to corrupt arbitrary files. When it runs with the parameters 'inet add', 'asagent', opens and overwrites it if it...

CVE-2001-1346

ARCserveIT 6.61 and 6.63 (ARCservIT) are affected by a local vulnerability where an attacker can overwrite arbitrary files via a symlink attack on temporary files (asagent.tmp or inetd.tmp). The underlying issue is insecure handling of temporary files leading to local privilege impact with partia...