Exploitation Summary
EIP tracks 1 public exploit for CVE-2000-0300. PoCs published by Pascal Longpre.
AI-analyzed exploit summary This exploit demonstrates the weak encryption scheme in Symantec pcAnywhere, allowing decryption of sniffed passwords. It reverses the encryption algorithm to retrieve cleartext passwords from captured hex values.
Description
The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Pascal Longpre · clocalwindows
https://www.exploit-db.com/exploits/19836
This exploit demonstrates the weak encryption scheme in Symantec pcAnywhere, allowing decryption of sniffed passwords. It reverses the encryption algorithm to retrieve cleartext passwords from captured hex values.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Symantec pcAnywhere (default configuration)
No auth needed
Prerequisites:
Network access to sniff pcAnywhere authentication traffic
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (2)
Core 2
Core References
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1093
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000406030958.23902.qmail%40securityfocus.com
Scores
EPSS
0.0589
EPSS Percentile
92.3%
Details
Status
published
Products (1)
symantec/pcanywhere
9.0
Published
Apr 06, 2000
Tracked Since
Feb 18, 2026