 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.11105 |
| Category: | Windows |
| Title: | ARCserve hidden share |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host has an accessible ARCSERVE$ share. Several versions of ARCserve store the backup agent user name and password in cleartext in this share. An attacker may use this flaw to obtain the password file of the remote backup agent, and use it to gain more privileges on this host. Solution : Limit access to this share to the backup account and domain administrator. Risk factor : High |
| Cross-Ref: |
BugTraq ID: 3343 Common Vulnerability Exposure (CVE) ID: CVE-2001-0960 http://www.securityfocus.com/bid/3343 Bugtraq: 20010915 ARCserve 6.61 Share Access Vulnerability (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-09/0137.html http://support.ca.com/Download/patches/asitnt/QO00945.html XForce ISS Database: arcserve-aremote-plaintext(7122) https://exchange.xforce.ibmcloud.com/vulnerabilities/7122 |
| Copyright | This script is Copyright (C) 2002 Renaud Deraison |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |