Lucene search

MitreCVE-2000-0781

HistorySep 01, 2004 - 4:00 a.m.

CVE-2000-0781

2004-09-0104:00:00

mitre

web.nvd.nist.gov

cve-2000-0781

arcserveit client agent 6.62

temporary file

command execution

nvd.

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

18.1%

JSON

uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved.

Affected configurations

Nvd

Node

caarcserve_backupMatch6.63_linux

VendorProductVersionCPE
caarcserve_backup6.63_linuxcpe:2.3:a:ca:arcserve_backup:6.63_linux:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ca	arcserve_backup	6.63_linux	cpe:2.3:a:ca:arcserve_backup:6.63_linux:::::::*

References

archives.neohapsis.com/archives/bugtraq/2000-07/0431.html

www.securityfocus.com/bid/1519

exchange.xforce.ibmcloud.com/vulnerabilities/5023

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

18.1%

JSON

Related for CVE-2000-0781