CVE-2001-0960

Name of the Vulnerable Software and Affected Versions Computer Associates ARCserve for NT version 6.61 SP2a Computer Associates ARCserve 2000 version 7.0

Description The issue allows local and remote attackers to gain privileges by accessing the backup agent user name and password stored in cleartext in the aremote.dmp file located in the ARCSERVE$ hidden share.

Recommendations For Computer Associates ARCserve for NT version 6.61 SP2a, consider restricting access to the ARCSERVE$ hidden share to minimize the risk of exploitation. For Computer Associates ARCserve 2000 version 7.0, avoid using the affected backup agent until a secure method of storing user credentials is implemented. As a temporary workaround, consider disabling the backup agent functionality until a patch is available.