Bugtraq mailing list archives

Re: Symantec pcAnywhere 9.0 DoS / Buffer Overflow


From: Mike Prosser <mprosser () NAVGWOUT SYMANTEC COM>
Date: Mon, 12 Feb 2001 18:55:11 -0600

SIRC Incident Headline: Symantec pcAnywhere 9.0 DoS / Buffer Overflow

Affected Components:

Symantec pcAnywhere 9.0 and earlier


Incident Details:
On 02/11/01 05:22 PM, Zoa Chien of Securax.org reported a denial of service
in Symantec's pcAnywhere 9.0 in which pcAnywhere, configured as a host PC,
could be crashed by sending large amounts of characters to the listening
port.

SIRC Response:

Symantec technicians have determined that this is the same problem
originally reported in BID 1150, Denial of Service Against pcAnywhere in
which pcAnywhere 9.0 and earlier could be crashed by an nmap scan.

This issue was corrected in Symantec pcAnywhere version 9.01. pcAnywhere
9.01 through current versions are not vulnerable to this problem.


Mike Prosser
Research Manager, SIRC
Symantec Research Labs
Symantec Corporation
mprosser () symantec com
http://www.symantec.com


=============================================================================

Securax-SA-14                                        Security Advisory
belgian.networking.security                                      Dutch
=============================================================================

Topic:          Symantec pcAnywhere 9.0 DoS / Buffer Overflow
Announced:      2001-02-08
Affects:        Symantec PcAnywhere 9.0 on Microsoft Windows 98 SE
=============================================================================




  Note: This entire advisory has been based upon trial and error results. We
        cannot ensure the information below is 100% correct being that we do
        not have any source code to audit. This document is subject to change
        without prior notice.

        If you happen to find more information / problems concerning the below
        problem or further variants please contact me on the following email
        incubus () securax net, or you can contact info () securax org.

----------------------snip-----------------------------

