Signature Detail
Short Name |
APP:PCANYWHERE:SERVER-DOS |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
PCAnywhere Denial of Service |
Release Date |
2006/03/15 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: PCAnywhere Denial of Service
This signature detects attempts to exploit a known vulnerability in Symantec pcAnywhere. It is due to improper boundary checking and can be exploited to cause a buffer overflow prior to authentication. A remote unauthenticated attacker can exploit this vulnerability to terminate the application, causing a denial-of-service condition.
Extended Description
Symantec pcAnywhere is vulnerable to a buffer overflow vulnerability. Because the flaw can be triggered prior to authentication, the vulnerability is exploitable by remote attackers without valid credentials. It is confirmed that the vulnerability can be exploited to cause a denial of service. Supported versions 11.0.1 and 11.5.1 are confirmed affected. Previous versions are vulnerable and users are advised to upgrade to the latest supported version. Patches are available.
Affected Products
- Symantec pcAnywhere 10.0.0
- Symantec pcAnywhere 10.5.0
- Symantec pcAnywhere 11.0.0
- Symantec pcAnywhere 11.0.1
- Symantec pcAnywhere 11.5.0
- Symantec pcAnywhere 11.5.1
- Symantec pcAnywhere 8.0.1
- Symantec pcAnywhere 8.0.2
- Symantec pcAnywhere 9.0.0
- Symantec pcAnywhere 9.0.1
- Symantec pcAnywhere 9.2.0
References