Bugtraq mailing list archives
Re: Symantec pcAnywhere 9.0 DoS / Buffer Overflow
From: Mike Prosser <mprosser () NAVGWOUT SYMANTEC COM>
Date: Mon, 12 Feb 2001 18:55:11 -0600
SIRC Incident Headline: Symantec pcAnywhere 9.0 DoS / Buffer Overflow Affected Components: Symantec pcAnywhere 9.0 and earlier Incident Details: On 02/11/01 05:22 PM, Zoa Chien of Securax.org reported a denial of service in Symantec's pcAnywhere 9.0 in which pcAnywhere, configured as a host PC could be crashed by sending large amounts of characters to the listening port. SIRC Response: Symantec technicians have determined that this is the same problem originally reported in BID 1150, Denial of Service Against pcAnywhere in which pcAnywhere 9.0 and earlier could be crashed by an nmap scan. This issue was corrected in Symantec pcAnywhere version 9.01. PcAnywhere 9.01 through current versions are not vulnerable to this problem. Mike Prosser Research Manager, SIRC Symantec Research Labs Symantec Corporation mprosser () symantec com http://www.symantec.com ============================================================================= Securax-SA-14 Security Advisory belgian.networking.security Dutch ============================================================================= Topic: Symantec pcAnywhere 9.0 DoS / Buffer Overflow Announced: 2001-02-08 Affects: Symantec PcAnywhere 9.0 on Microsoft Windows 98 SE ============================================================================= Note: This entire advisory has been based upon trial and error results. We can not ensure the information below is 100% correct being that we do not have any source code to audit. This document is subject to change without prior notice. If you happen to find more information / problems concerning the below problem or further varients please contact me on the following email incubus () securax net, or you can contact info () securax org. ----------------------snip-----------------------------
Current thread:
- Symantec pcAnywhere 9.0 DoS / Buffer Overflow Zoa_Chien (Feb 12)
- <Possible follow-ups>
- Re: Symantec pcAnywhere 9.0 DoS / Buffer Overflow Mike Prosser (Feb 13)