CVE-2001-1346

Name of the Vulnerable Software and Affected Versions Computer Associates ARCserveIT versions 6.61 through 6.63

Description The issue allows local users to overwrite arbitrary files via a symlink attack on temporary files, specifically asagent.tmp or inetd.tmp.

Recommendations For versions 6.61 and 6.63, consider restricting access to the temporary files asagent.tmp and inetd.tmp to prevent a symlink attack until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.