|
Family: Windows --> Category: infos
ARCserve hidden share Vulnerability Scan
Vulnerability Scan Summary Connects to ARCSERVE$
Detailed Explanation for this Vulnerability Test
Synopsis :
Backup share can be accessed without authentication.
Description :
The remote host has an accessible ARCSERVE$ share.
Several versions of ARCserve store the backup agent user name
and password in cleartext in this share.
A possible hacker may use this flaw to obtain the password file of
the remote backup agent, and use it to gain more rights
on this host.
Solution :
Limit access to this share to the backup account and domain
administrator.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|