TITLE: Symantec pcAnywhere Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA17797 VERIFY ADVISORY: http://secunia.com/advisories/17797/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote SOFTWARE: Symantec pcAnywhere 9.x http://secunia.com/product/592/ Symantec pcAnywhere 11.x http://secunia.com/product/2539/ Symantec pcAnywhere 10.x http://secunia.com/product/169/ DESCRIPTION: A vulnerability has been reported in Symantec pcAnywhere, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified boundary error. This can be exploited to cause a buffer overflow prior to authentication, which causes the pcAnywhere component to crash. The vulnerability has been reported in versions 11.0.1, 11.5.1, and all 32-bit versions. Prior non-supported versions may also be affected. SOLUTION: Apply patches: The vendor recommends that users of versions prior to 11.0.1 to upgrade to a supported version. Symantec pcAnywhere (consumer versions): http://www.symantec.com/techsupp/files/pca/index.html Symantec pcAnywhere (enterprise versions): http://www.symantec.com/techsupp/enterprise/products/spca/files.html PROVIDED AND/OR DISCOVERED BY: The vendor credits Tal of See-Security technologies Ltd. ORIGINAL ADVISORY: http://securityresponse.symantec.com/avcenter/security/Content/2005.11.29.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------