PCAnywhere Denial of Service Vulnerability
BID:1095
Info
PCAnywhere Denial of Service Vulnerability
| Bugtraq ID: | 1095 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 10 2000 12:00AM |
| Updated: | Apr 10 2000 12:00AM |
| Credit: | This vulnerability was posted to the Bugtraq mailing list by Frankie Zie <[email protected]> on 9 Apr 2000. |
| Vulnerable: |
Symantec PCAnywhere32 8.0 Symantec pcAnywhere 9.0 |
| Not Vulnerable: | |
Discussion
PCAnywhere Denial of Service Vulnerability
Under certain versions of PCAnywhere it is possible for remote clients to cause a denial of service attack against the PCAnywhere server. This is done by canceling a connection in the time period between when the status bar is displayed (PCAnywhere connecting...) and before the Login window appears.
Under certain versions of PCAnywhere it is possible for remote clients to cause a denial of service attack against the PCAnywhere server. This is done by canceling a connection in the time period between when the status bar is displayed (PCAnywhere connecting...) and before the Login window appears.
Exploit / POC
PCAnywhere Denial of Service Vulnerability
See 'Discussion'.
See 'Discussion'.
Solution / Fix
PCAnywhere Denial of Service Vulnerability
Solution:
Under version 8.0 the only currently known remedy is to stop and restart the service on the affected host:
net stop awhost32
net start awhost32
Under version 9.0 the service can be restarted remotely:
%telnet targethost:5631
}
Please press <Enter>...
Press Enter at this point and it will restart the server.
Solution:
Under version 8.0 the only currently known remedy is to stop and restart the service on the affected host:
net stop awhost32
net start awhost32
Under version 9.0 the service can be restarted remotely:
%telnet targethost:5631
}
Please press <Enter>...
Press Enter at this point and it will restart the server.