2 results (0.011 seconds)

CVSS: 1.2EPSS: 0%CPEs: 2EXPL: 2

Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp. • https://www.exploit-db.com/exploits/20867 https://www.exploit-db.com/exploits/20868 http://archives.neohapsis.com/archives/bugtraq/2001-05/0184.html http://www.securityfocus.com/bid/2741 http://www.securityfocus.com/bid/2748 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved. • http://archives.neohapsis.com/archives/bugtraq/2000-07/0431.html http://www.securityfocus.com/bid/1519 https://exchange.xforce.ibmcloud.com/vulnerabilities/5023 •