Description
Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp.
Affected products
- Broadcom / arcserve_backup6.61 – 6.61
- ca / arcserve_backup6.63 – 6.63