Arkeia Backup World Writable File Creation Vulnerability

Arkeia Backup is a full-feature enterprise system backup infrastructure, distributed and maintained by Knox Software.

Arkeia does not use sufficient file creation permissions. Upon execution, Arkeia creates files that are root owned, and with permissions of 0666. This could allow a local user to deny service to legitimate users of the system. A local user may also be able to exploit this vulnerability to gain elevated privileges.


Privacy Statement
Copyright 2010, SecurityFocus