[22667] in bugtraq
Re: ARCserve 6.61 Share Access Vulnerability
daemon@ATHENA.MIT.EDU (ron)
Mon Sep 17 15:32:37 2001
Date: Mon, 17 Sep 2001 15:14:58 -0400
From: ron <rdr@steelrat.kernelsutra.com>
To: bugtraq@securityfocus.com
Message-ID: <20010917151458.A16798@steelrat.kernelsutra.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Yes, I just took a look at the newsletter. I had informed them on Sept. 7 and they were relatively quick with a patch
-- for ARCServe 2000.
So from reading the responses, I would say if you're running anything prior to ARCServe 2000 _and_ you have the vulnerability,
the best course of action is to change the share permissions.
Not sure why the share is there. It may be for a Network Agent of some sort. Best to ask CA.
-rdr
From: "Marcus Bednorz" <m.be@oevermann.de>
To: <bugtraq@securityfocus.com>
Sent: Monday, September 17, 2001 4:09 AM
Subject: AW: ARCserve 6.61 Share Access Vulnerability
Hi,
the problem also applys to ArcServe 2000. This securityleak was announced by
CA in the Storage-Newsletter september-edition. There is a patch for
ArcServe 2000 with SP2a available from
http://support.ca.com/Download/patches/asitnt/QO00945.html Couldn't find
anything for ArcServe 6.61IT.
Does anybody know why this share is needed? What's with removing the share?
Can the mentioned permissions be used?
Marcus Bednorz
