Initial Publication Date: 9 May 2007
Advisory Status: Closed
Advisory Severity: Low
Legacy ID:
Symantec pcAnywhere fails to properly protect remote user credentials stored in memory.
Risk Impact Low
Exploit publicly available
11.5.x (No longer supported)
Note: Symantec pcAnywhere version 11.5.x is no longer a supported product. However, a fix for this version is being developed and will be available at a later date. This fix will be made available on an as-is basis with no support available. Users who wish to have full product support are encouraged to upgrade to the latest supported version.
A remote user's connection credentials are stored in clear text within the Symantec pcAnywhere host server's process memory when a remote session is requested. The credentials of the last remote user to log in remain in clear text in memory while the Symantec pcAnywhere host is active on the host machine. The credentials of a remote user requesting a session connection can be compromised if a user with administrative rights on the host machine uses tools to dump the process memory and searches it for the remote user's credentials.
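The weakness class described above, in miniature, as an added example (not Symantec's code and not a description of the actual fix): a host-side session record that retains the password for its lifetime, beside a variant that wipes it as soon as authentication completes. The `session` struct, all function names and the credential values are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical host-side session record; not pcAnywhere's real layout. */
struct session {
    char user[32];
    char pass[32];
    int  authenticated;
};

/* Wipe through a volatile pointer so the stores are not optimised away. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Stand-in for the real credential check (constructed sample values). */
static int check_credentials(const char *user, const char *pass) {
    return strcmp(user, "remote1") == 0 && strcmp(pass, "S3ssion-Canary!") == 0;
}

/* Weak pattern: the clear-text password stays in the record while the host runs. */
int login_keep(struct session *s, const char *user, const char *pass) {
    memset(s, 0, sizeof *s);
    strncpy(s->user, user, sizeof s->user - 1);
    strncpy(s->pass, pass, sizeof s->pass - 1);
    s->authenticated = check_credentials(s->user, s->pass);
    return s->authenticated;
}

/* Hardened pattern: keep only the result, wipe the secret immediately. */
int login_wipe(struct session *s, const char *user, const char *pass) {
    int ok = login_keep(s, user, pass);
    secure_wipe(s->pass, sizeof s->pass);
    return ok;
}

/* Returns 1 if `needle` occurs anywhere in the n bytes at `mem`; used here
   as a regression check that no clear-text secret is left behind. */
int residue_present(const void *mem, size_t n, const char *needle) {
    size_t len = strlen(needle);
    const unsigned char *m = mem;
    for (size_t i = 0; len && i + len <= n; i++)
        if (memcmp(m + i, needle, len) == 0) return 1;
    return 0;
}
```

Running `residue_present` over the live record with a known canary password gives a repeatable test that the secret does not outlive authentication.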
Limit access to the administrator account. Without administrative access, the heap memory cannot be dumped and remote credentials cannot be discovered.
Symantec has released updates for all affected product versions currently supported by Symantec. These updates are available through Symantec's LiveUpdate.
To date, Symantec is not aware of any reported attempts to exploit this vulnerability.
Symantec would like to thank Jeremy Lebourdais of EdelWeb for reporting this issue to Symantec, and working with us on the resolution.