Symantec pcAnywhere Unauthenticated Administrative Access

2000-01-10T00:00:00
ID OSVDB:666
Type osvdb
Reporter OSVDB
Modified 2000-01-10T00:00:00

Description

Vulnerability Description

Many users of pcAnywhere do not configure authentication settings properly (e. g. no or weak passwords are set). It is possible for a remote attacker to gain total control over systems running this service resulting in a loss of integriy.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Always use a strong password protection.

Short Description

Many users of pcAnywhere do not configure authentication settings properly (e. g. no or weak passwords are set). It is possible for a remote attacker to gain total control over systems running this service resulting in a loss of integriy.

References:

Vendor URL: http://sea.symantec.com/content/product.cfm?productid=16 Snort Signature ID: 507 Mail List Post: http://archives.neohapsis.com/archives/nfr-wizards/2000-q1/0058.html ISS X-Force ID: 885