CA BrightStor ARCserve Backup Agent Credential Disclosure

critical Nessus Plugin ID 11105


Backup share can be accessed without authentication.


The remote host has an accessible ARCSERVE$ share.

Several versions of ARCserve store the backup agent username and password in a plaintext file on this share.

An attacker may use this flaw to obtain the password file of the remote backup agent, and use it to gain privileges on this host.


Limit access to this share to the backup account and domain administrator.

See Also

Plugin Details

Severity: Critical

ID: 11105

File Name: arcserve_hidden_share.nasl

Version: 1.25

Type: local

Agent: windows

Family: Windows

Published: 8/22/2002

Updated: 11/15/2018

Supported Sensors: Nessus Agent

Risk Information


Risk Factor: Medium

Score: 5.9


Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/name, SMB/login, SMB/password, SMB/transport

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 4/9/2004

Reference Information

CVE: CVE-2001-0960

BID: 3343