CVE-2012-0292

pcAnywhere 12.5.0 build 463 - Denial of Service

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allows remote attackers to cause a denial of service (daemon crash) via a crafted TCP session on port 5631.

El servicio awhost32 en Symantec pcAnywhere hasta v12.5.3, Altiris IT Management Suite pcAnywhere Solution v7.0 (también conocido como v12.5.x) y v7.1 (también conocido como v12.6.x), Altiris Client Management Suite pcAnywhere Solution v7.0 (también conocido como v12.5.x) y v7.1 (también conocido como v12.6.x), y Altiris Deployment Solution Remote pcAnywhere Solution v7.1 (también conocido como v12.5.x and v12.6.x), permiten a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de una sesión TCP modificada en el puerto 5631.

*Credits: N/A

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2012-01-04 CVE Reserved
2012-02-17 First Exploit
2012-03-08 CVE Published
2024-08-06 CVE Updated
2024-10-27 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-20: Improper Input Validation

CAPEC

References (5)

URL	Tag	Source
http://secunia.com/advisories/48092	Third Party Advisory

URL	Date	SRC
https://www.exploit-db.com/exploits/18493	2012-02-17
http://www.exploit-db.com/exploits/18493	2024-08-06
http://www.securityfocus.com/bid/52094	2024-08-06

URL	Date	SRC

URL	Date	SRC
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120301_00	2018-01-06

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				<= 12.5 Search vendor "Symantec" for product "Pcanywhere" and version " <= 12.5"		sp3		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				10.0 Search vendor "Symantec" for product "Pcanywhere" and version "10.0"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				10.5 Search vendor "Symantec" for product "Pcanywhere" and version "10.5"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				11.0 Search vendor "Symantec" for product "Pcanywhere" and version "11.0"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				11.0.1 Search vendor "Symantec" for product "Pcanywhere" and version "11.0.1"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				11.5 Search vendor "Symantec" for product "Pcanywhere" and version "11.5"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				11.5.1 Search vendor "Symantec" for product "Pcanywhere" and version "11.5.1"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				12.0 Search vendor "Symantec" for product "Pcanywhere" and version "12.0"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				12.0.1 Search vendor "Symantec" for product "Pcanywhere" and version "12.0.1"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				12.0.2 Search vendor "Symantec" for product "Pcanywhere" and version "12.0.2"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				12.0.3 Search vendor "Symantec" for product "Pcanywhere" and version "12.0.3"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				12.1 Search vendor "Symantec" for product "Pcanywhere" and version "12.1"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				12.5 Search vendor "Symantec" for product "Pcanywhere" and version "12.5"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				12.5 Search vendor "Symantec" for product "Pcanywhere" and version "12.5"		sp1		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				12.5 Search vendor "Symantec" for product "Pcanywhere" and version "12.5"		sp2		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				12.5.3 Search vendor "Symantec" for product "Pcanywhere" and version "12.5.3"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				12.5.265 Search vendor "Symantec" for product "Pcanywhere" and version "12.5.265"		-		Affected
Symantec Search vendor "Symantec"		Pcanywhere Search vendor "Symantec" for product "Pcanywhere"				12.5.539 Search vendor "Symantec" for product "Pcanywhere" and version "12.5.539"		-		Affected
Symantec Search vendor "Symantec"		Altiris Client Management Suite Pcanywhere Solution Search vendor "Symantec" for product "Altiris Client Management Suite Pcanywhere Solution"				7.0 Search vendor "Symantec" for product "Altiris Client Management Suite Pcanywhere Solution" and version "7.0"		-		Affected
Symantec Search vendor "Symantec"		Altiris Climentent Manage Suite Pcanywhere Solution Search vendor "Symantec" for product "Altiris Climentent Manage Suite Pcanywhere Solution"				7.1 Search vendor "Symantec" for product "Altiris Climentent Manage Suite Pcanywhere Solution" and version "7.1"		-		Affected
Symantec Search vendor "Symantec"		Altiris Deployment Solution Remote Pcanywhere Solution Search vendor "Symantec" for product "Altiris Deployment Solution Remote Pcanywhere Solution"				7.1 Search vendor "Symantec" for product "Altiris Deployment Solution Remote Pcanywhere Solution" and version "7.1"		-		Affected
Symantec Search vendor "Symantec"		Altiris It Management Suite Pcanywhere Solution Search vendor "Symantec" for product "Altiris It Management Suite Pcanywhere Solution"				7.0 Search vendor "Symantec" for product "Altiris It Management Suite Pcanywhere Solution" and version "7.0"		-		Affected
Symantec Search vendor "Symantec"		Altiris It Management Suite Pcanywhere Solution Search vendor "Symantec" for product "Altiris It Management Suite Pcanywhere Solution"				7.1 Search vendor "Symantec" for product "Altiris It Management Suite Pcanywhere Solution" and version "7.1"		-		Affected