Symantec pcAnywhere Port Scan DoS Vulnerability
BID:1150
Info
Symantec pcAnywhere Port Scan DoS Vulnerability
| Bugtraq ID: | 1150 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Apr 25 2000 12:00AM |
| Updated: | Apr 25 2000 12:00AM |
| Credit: | Posted to Bugtraq on April 25, 2000 by Vacuum <[email protected]>. |
| Vulnerable: |
Symantec pcAnywhere 9.2 Symantec pcAnywhere 9.0 Symantec pcAnywhere 8.0.2 Symantec pcAnywhere 8.0.1 |
| Not Vulnerable: | |
Discussion
Symantec pcAnywhere Port Scan DoS Vulnerability
Performing a TCP SYN or TCP connect scan on a host running Symantec pcAnywhere will cause the program to crash. Restarting the application is required in order to regain normal functionality.
Performing a TCP SYN or TCP connect scan on a host running Symantec pcAnywhere will cause the program to crash. Restarting the application is required in order to regain normal functionality.
Exploit / POC
Symantec pcAnywhere Port Scan DoS Vulnerability
nmap -sS target
nmap -sS target
Solution / Fix
Symantec pcAnywhere Port Scan DoS Vulnerability
Solution:
Symantec has released an update that is not vulnerable to this attack:
ftp://ftp.symantec.com/public/english_us_canada/products/pcanywhere/pcanywhere32/ver9.0/updates/921up.exe
Solution:
Symantec has released an update that is not vulnerable to this attack:
ftp://ftp.symantec.com/public/english_us_canada/products/pcanywhere/pcanywhere32/ver9.0/updates/921up.exe