Test ID:	1.3.6.1.4.1.25623.1.0.10798
Category:	Default Accounts
Title:	Unprotected PC Anywhere Service (pcAnywhere Protocol)
Summary:	The PC Anywhere service does not require a password to access; the desktop of this system. If this machine is running Windows 95, 98, or ME, gaining full control; of the machine is trivial. If this system is running NT or 2000 and is currently logged out, an; attacker can still spy on and hijack a legitimate user's session when they login.
Description:	Summary: The PC Anywhere service does not require a password to access the desktop of this system. If this machine is running Windows 95, 98, or ME, gaining full control of the machine is trivial. If this system is running NT or 2000 and is currently logged out, an attacker can still spy on and hijack a legitimate user's session when they login. Solution: 1. Open the PC Anywhere application as an Administrator. 2. Right click on the Host object you are using and select Properties. 3. Select the Caller Access tab. 4. Switch the authentication type to Windows or PC Anywhere. 5. If you are using PC Anywhere authentication, set a strong password. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-1999-0507 https://www.cve.org/CVERecord?id=CVE-1999-0507 Common Vulnerability Exposure (CVE) ID: CVE-1999-0508 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0508
Copyright	Copyright (C) 2005 Digital Defense Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.