CVE-2006-3784
https://notcve.org/view.php?id=CVE-2006-3784
Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator. Symantec pcAnywhere 12.5 utiliza unos permisos por defecto débiles para la carpeta "Symantec\pcAnywhere\Hosts", lo cual permite a un usuario local ganar privilegios a través de la insercción de un superusuario archivo .cif (también conocido como llamador o CallerID) dentro de la carpeta, y por lo tanto utilizando un cliente pcAnywhere entrar como administrador local. • http://secunia.com/advisories/21113 http://securityreason.com/securityalert/1261 http://www.digitalbullets.org/?p=3 http://www.securityfocus.com/archive/1/440448/100/0/threaded http://www.vupen.com/english/advisories/2006/2874 •
CVE-2005-3934 – pcAnywhere 8.0/9.0/11.x - Authentication Denial of Service
https://notcve.org/view.php?id=CVE-2005-3934
Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors. • https://www.exploit-db.com/exploits/26665 http://secunia.com/advisories/17797 http://securitytracker.com/id?1015284 http://www.securityfocus.com/bid/15646 http://www.symantec.com/avcenter/security/Content/2005.11.29.html http://www.vupen.com/english/advisories/2005/2658 https://exchange.xforce.ibmcloud.com/vulnerabilities/23298 •
CVE-2005-1970
https://notcve.org/view.php?id=CVE-2005-1970
Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature. • http://secunia.com/advisories/15673 http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html http://securitytracker.com/id?1014178 http://www.securityfocus.com/bid/13933 •
CVE-2003-0936
https://notcve.org/view.php?id=CVE-2003-0936
Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe. Symantec PCAnywhere 10.x y 11, cuando se arranca como un servicio, permite a atacantes remotos ganar privielgios de Sistema mediante el interfaz de ayuda usando AWHOST32.exe. • http://marc.info/?l=bugtraq&m=106875764826251&w=2 http://marc.info/?l=bugtraq&m=106876107330752&w=2 http://securityresponse.symantec.com/avcenter/security/Content/2003.11.13.html •
CVE-2000-0324 – Symantec pcAnywhere 8.0.1/8.0.2/9.0/9.2 - Port Scan Denial of Service
https://notcve.org/view.php?id=CVE-2000-0324
pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap. • https://www.exploit-db.com/exploits/19880 http://archives.neohapsis.com/archives/bugtraq/2001-02/0201.html http://archives.neohapsis.com/archives/bugtraq/2001-02/0258.html http://www.iss.net/security_center/static/4347.php http://www.osvdb.org/1301 http://www.securityfocus.com/bid/1150 http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000425150157.13567A-100000%40sword.damocles.com •