CVE-2011-3478

Symantec pcAnywhere <12.5.3 - RCE

Title source: llm

Description

The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.

Exploits (2)

exploitdb WORKING POC VERIFIED

by S2 Crew · pythonremotewindows

https://www.exploit-db.com/exploits/19407

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Tomislav Paskalev · pythonremotewindows_x86

https://www.exploit-db.com/exploits/38599

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://osvdb.org/show/osvdb/78532

[Third Party Advisory] http://secunia.com/advisories/48092

[Vendor Advisory] http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/51592

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/38599/

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-12-018/

Scores

EPSS 0.5290

EPSS Percentile 97.9%

Classification

CWE

CWE-287

Status draft

Affected Products (8)

symantec/pcanywhere

symantec/pcanywhere

symantec/pcanywhere

symantec/pcanywhere

symantec/pcanywhere

symantec/pcanywhere

symantec/pcanywhere

symantec/pcanywhere

Timeline

Published Jan 25, 2012

Tracked Since Feb 18, 2026