Symantec.pcAnywhere.Host.Services.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt against a Buffer Overflow vulnerability in Symantec PCAnywhere.
The vulnerability is caused by an error when the vulnerable software handles a client request with overlong username field. It allows a remote attacker to execute arbitrary code via sending a crafted client request.

affected-products-logoAffected Products

Symantec pcAnywhere 12.5.x
Symantec IT Management Suite 7.0 pcAnywhere Solution 12.5.x
Symantec IT Management Suite 7.1 pcAnywhere Solution 12.6.x

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for suggested workaround.
http://www.symantec.com/business/support/index?page=content&id=TECH179526

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)