[原文]Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files.
Computer Associates ARCserver contains a flaw that may lead to an unauthorized information disclosure or possibly system compromise. The issue is triggered by an attacker connecting to the ARCSERVE$ share.
Computer Associates has released a patch to address this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): Restrict access to the ARCSERVE$ share to the administrator and backup operator accounts.