 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.900333 |
| Category: | Denial of Service |
| Title: | Symantec pcAnywhere Format String DoS Vulnerability |
| Summary: | Symantec pcAnywhere is prone to a denial of service (DoS) vulnerability. |
| Description: | Summary: Symantec pcAnywhere is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Issue exists due to improper processing of format strings within '.CHF' remote control file names or associated file path. Vulnerability Impact: Allows a malicious user to crash an affected application, creating a denial of service condition. Affected Software/OS: Symantec pcAnywhere version 12.5 and prior on Windows. Solution: Upgrade to pcAnywhere version 12.5 SP1. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-0538 BugTraq ID: 33845 http://www.securityfocus.com/bid/33845 Bugtraq: 20090318 Layered Defense Research Advisory: Format String Vulnerablity in Symantec PcAnywhere v10-12.5 (Google Search) http://www.securityfocus.com/archive/1/501930/100/0/threaded http://www.layereddefense.com/pcanywhere17mar.html http://osvdb.org/52797 http://securitytracker.com/id?1021855 http://secunia.com/advisories/34305 http://www.vupen.com/english/advisories/2009/0755 XForce ISS Database: symantec-pcanywhere-unspecified-dos(49291) https://exchange.xforce.ibmcloud.com/vulnerabilities/49291 |
| Copyright | Copyright (C) 2009 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |