Title: ARCservIT Client asagent.tmp Arbitrary File Overwrite Vulnerability
Severity: MODERATE
Description:
ARCservIT is a storage management utility, providing automation for the backing-up and restoring of data, and may be implemented across a network.
ARCservIT contains a vulnerability which may allow malicious local users to overwrite arbitrary files.
When 'asagent' runs for the first time, it opens a file in /tmp called 'asagent.tmp', truncating it if it already exists. 'asagent' does not check whether this file already exists or whether it is a symbolic link to another file.
As a result, local users can create symbolic links in the world-writable /tmp directory pointing to arbitrary files on the system.
When the administrator runs 'asagent' for the first time, the target file will be zeroed out.
This may lead to a denial of service or loss of data.
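The open-and-truncate pattern described above, next to a hardened open that refuses a pre-existing name, as an added example that is not code from the advisory or from the vendor. The function names, the open flags of the unsafe variant (the advisory does not show asagent's source) and the private sandbox directory are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Assumed form of the flawed pattern: follows a symlink and truncates its target. */
static int open_scratch_unsafe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: with O_CREAT|O_EXCL, open() fails with EEXIST if the name already
 * exists, including when it is a symlink (even a dangling one). O_NOFOLLOW is
 * defence in depth. Nothing is truncated when the call fails. */
static int open_scratch_safe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Build a private sandbox holding a 9-byte "victim" file and a pre-planted
 * symlink named asagent.tmp that points at it, open the scratch name with the
 * chosen routine, and return the victim's size afterwards (-1 on setup error). */
long victim_size_after_open(int use_safe) {
    char dir[] = "/tmp/symlink-demo-XXXXXX";   /* constructed sandbox path */
    char victim[128], tmp[128];
    struct stat st;
    long size = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim.dat", dir);
    snprintf(tmp, sizeof tmp, "%s/asagent.tmp", dir);
    int v = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (v >= 0 && write(v, "important", 9) == 9 && close(v) == 0 && symlink(victim, tmp) == 0) {
        int fd = use_safe ? open_scratch_safe(tmp) : open_scratch_unsafe(tmp);
        if (fd >= 0) close(fd);
        if (stat(victim, &st) == 0) size = (long)st.st_size;
    }
    unlink(tmp); unlink(victim); rmdir(dir);
    return size;
}

int main(void) {
    printf("unsafe open: victim is %ld bytes\n", victim_size_after_open(0));
    printf("safe open:   victim is %ld bytes\n", victim_size_after_open(1));
    return 0;
}
```

A program that needs a scratch file in a shared directory can also call mkstemp(), which picks an unpredictable name and creates it exclusively.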
Affected Products:
- Computer Associates ARCServeIT 6.61.0
- Computer Associates ARCServeIT 6.63.0