PT-2012-2468 · Symantec · Pcanywhere+2
Johnathan Norman
+1
·
Published
2012-03-08
·
Updated
2018-01-06
·
CVE-2012-0292
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Symantec pcAnywhere versions prior to 12.5.3
Altiris IT Management Suite pcAnywhere Solution versions 7.0 and 7.1
Altiris Client Management Suite pcAnywhere Solution versions 7.0 and 7.1
Altiris Deployment Solution Remote pcAnywhere Solution version 7.1
Description
The issue allows remote attackers to cause a denial of service via a crafted TCP session on port 5631, resulting in a daemon crash.
Recommendations
For Symantec pcAnywhere versions prior to 12.5.3, update to version 12.5.3 or later to resolve the issue.
For Altiris IT Management Suite pcAnywhere Solution versions 7.0 and 7.1, update to a version that is not based on Symantec pcAnywhere 12.5.3 or earlier.
For Altiris Client Management Suite pcAnywhere Solution versions 7.0 and 7.1, update to a version that is not based on Symantec pcAnywhere 12.5.3 or earlier.
For Altiris Deployment Solution Remote pcAnywhere Solution version 7.1, update to a version that is not based on Symantec pcAnywhere 12.5.3 or earlier.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Altiris Client Management Suite
Altiris Deployment Solution
Pcanywhere