Symantec pcAnywhere Host Services Login Overflow

Added: 02/13/2012
CVE: CVE-2011-3478
BID: 51592
OSVDB: 78532

Background

Symantec pcAnywhere is a suite of remote connectivity applications that allow users to access their systems remotely.

Problem

A stack overflow exists in the pcAnywhere Host Service when it parses login names. An attacker can send a malicious login to trigger this vulnerability, which may result in arbitrary code execution.

Resolution

Symantec has suggested that customers stop using pcAnywhere, as they are no longer supporting the product.

References

http://www.frequentbusinesstraveler.com/2012/01/symantec-to-users-stop-using-pcanywhere/

Limitations

This exploit has been tested against Symantec pcAnywhere 12.5.0.442 on Windows XP SP3 English (DEP OptIn) with KB957579 and KB2483185.

Platforms

Windows
