SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Generic)  >   pcAnywhere Vendors:   Symantec
Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary Code and Local Users Obtain Elevated Privileges
SecurityTracker Alert ID:  1026576
SecurityTracker URL:  http://securitytracker.com/id/1026576
CVE Reference:   CVE-2011-3478, CVE-2011-3479, CVE-2012-0290, CVE-2012-0291   (Links to External Site)
Updated:  Feb 22 2012
Original Entry Date:  Jan 24 2012
Impact:   Denial of service via network, Execution of arbitrary code via network, Modification of system information, Root access via local system, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 12.5 SP3; pcAnywhere Solutions 7.1 GA, SP 1, and SP 2
Description:   Two vulnerabilities were reported in Symantec pcAnywhere. A remote user can execute arbitrary code on the target system. A local user can obtain elevated privileges on the target system. A remote user can cause denial of service conditions.

A remote user can send specially crafted data to TCP port 5631 to trigger a but in the validation of authentication data and execute arbitrary code [CVE-2011-3478].

Tal Seltzer (via TippingPoint’s Zero Day Initiative) and Edward Torkington of NGS Secure reported this vulnerability.

Some installation files are created as writable by everyone [CVE-2011-3479]. A local user can modify the files and then potentially obtain elevated privileges.

Edward Torkington at NGS Secure reported this vulnerability.

A remote user may be able to access an open client session after an exception has occurred in a valid client-server connection [CVE-2012-0290].

A remote user can cause the application to hang or crash [CVE-2012-0291]. A manual restart is required to return the system to normal operations.
Impact:   A remote user can execute arbitrary code on the target system.

A local user can obtain elevated privileges on the target system.

A remote user can cause denial of service conditions.

A remote user may be able to access an open client session.
Solution:   The vendor issued a hotfix (TECH179526).

On February 10, 2012, the vendor issued a revised hotfix to correct some additional vulnerabilities (TECH180472).

The vendor's advisories are available at:

http://www.symantec.com/docs/TECH179526
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00
Vendor URL:  www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 (Links to External Site)
Cause:   Access control error, Input validation error
Underlying OS:   Windows (Any)

Message History:   None.

 Source Message Contents
Date:  Tue, 24 Jan 2012 17:43:07 +0000
Subject:  Symantec pcAnywhere


http://www.symantec.com/docs/TECH179526


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC