COMMAND

    ARCserve

SYSTEMS AFFECTED

    Unixware 7.1

PROBLEM

    NAI Labs found the following. An implementation fault in the
    ARCserve agent script allows local attackers to obtain root
    privileges and overwrite/insert data into arbitrary files. This
    vulnerability has been confirmed and is known to be exploitable
    under Unixware 7.1.0.

    A script responsible for starting up the ARCserve agent creates
    multiple world-writable, statically named temp files. An attacker
    can remove these files and create symlinks to other files on the
    system, allowing him to create root-owned, world-writable files or
    overwrite any file on the system. It is also possible for the
    attacker to insert any data he wishes into the files he overwrites
    due to the nature of the configuration/tempfile system. ARCserve
    agent is installed and running by default.
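
    The defensive counterpart to the flaw described above, as an added
    example that is not part of the original advisory or of the
    ARCserve script: a root-run startup script creating its scratch
    file privately with mktemp, plus an audit check for the conditions
    the advisory names. The function names and the agent.cfg file name
    are hypothetical.

```shell
#!/bin/sh
# Added example; make_private_tmp, check_tmp_path and agent.cfg are
# hypothetical names, not taken from the ARCserve agent script.

# Create a scratch file no other user can pre-create or redirect.
# mktemp -d picks an unpredictable name and mkdir refuses any existing
# name (a symlink included); umask 077 yields modes 0700 and 0600.
make_private_tmp() {
    (
        umask 077
        dir=$(mktemp -d "${TMPDIR:-/tmp}/agent.XXXXXX") || exit 1
        : > "$dir/agent.cfg" || exit 1
        printf '%s\n' "$dir/agent.cfg"
    )
}

# Audit a path that a privileged script is about to write to.
# Prints one verdict word and returns 0 only for "ok". This is a
# review aid, not a guard: a check followed by a later open is racy,
# which is why make_private_tmp avoids shared names altogether.
check_tmp_path() {
    p=$1
    if [ -L "$p" ]; then echo symlink; return 1; fi
    if [ ! -e "$p" ]; then echo missing; return 1; fi
    # In the ls -ld mode string, character 9 is the "other write" bit.
    mode=$(ls -ld "$p" | cut -c1-10)
    case $mode in
        ????????w?) echo world-writable; return 1 ;;
    esac
    echo ok
}

# Constructed demo input: a static 0666 file and a symlink to it, the
# two conditions from the advisory, beside a privately created file.
demo=$(mktemp -d "${TMPDIR:-/tmp}/demo.XXXXXX")
( umask 0; : > "$demo/static.tmp" )
ln -s "$demo/static.tmp" "$demo/link.tmp"
priv=$(make_private_tmp)
for f in "$demo/static.tmp" "$demo/link.tmp" "$priv"; do
    printf '%s: %s\n' "$f" "$(check_tmp_path "$f" || true)"
done
rm -rf "$demo" "$(dirname "$priv")"
```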

    Discovery and documentation of this vulnerability were conducted
    by Shawn Bracken at the Security Research Labs of Network
    Associates.

SOLUTION

    SCO has developed a patch to address this issue.  More information
    is available at:

        http://www.sco.com/security