Vulnerability Name:

CVE-2011-3478 (CCN-72664)

Assigned:2011-09-14
Published:2012-01-24
Updated:2018-01-06
Summary:The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.
CVSS v3 Severity:9.6 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Adjacent
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.8 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
8.3 High (CCN CVSS v2 Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C)
6.5 Medium (CCN Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-287
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2011-3478

Source: OSVDB
Type: UNKNOWN
78532

Source: CCN
Type: SA47744
Symantec pcAnywhere / IT Management Suite Buffer Overflow and Insecure Permission

Source: SECUNIA
Type: UNKNOWN
48092

Source: CCN
Type: OSVDB ID: 78532
Symantec pcAnywhere / IT Management Suite awhost32 Component Authentication Request Parsing Remote Overflow

Source: BID
Type: UNKNOWN
51592

Source: CCN
Type: BID-51592
Symantec pcAnywhere Host Services Remote Code Execution Vulnerability

Source: CCN
Type: SYM12-002
Symantec pcAnywhere Remote Code Execution, Local Access File Tampering

Source: CONFIRM
Type: Vendor Advisory
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00

Source: CONFIRM
Type: UNKNOWN
http://www.zerodayinitiative.com/advisories/ZDI-12-018/

Source: XF
Type: UNKNOWN
pcanywhere-host-services-code-exec(72664)

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [06-27-2012]

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [11-02-2015]

Source: EXPLOIT-DB
Type: UNKNOWN
38599

Source: CCN
Type: ZDI-12-018
Symantec PCAnywhere awhost32 Remote Code Execution Vulnerability

Vulnerable Configuration:Configuration 1:
  • cpe:/a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:pcanywhere:12.5:sp1:*:*:*:*:*:*
  • OR cpe:/a:symantec:pcanywhere:12.5:sp2:*:*:*:*:*:*
  • OR cpe:/a:symantec:pcanywhere:12.5:sp3:*:*:*:*:*:*
  • OR cpe:/a:symantec:pcanywhere:12.5.539:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:pcanywhere:12.6.65:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:pcanywhere:12.6.65:sp1:*:*:*:*:*:*
  • OR cpe:/a:symantec:pcanywhere:12.6.7580:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:pcanywhere:12.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:pcanywhere:12.5:sp1:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    symantec pcanywhere 12.5
    symantec pcanywhere 12.5 sp1
    symantec pcanywhere 12.5 sp2
    symantec pcanywhere 12.5 sp3
    symantec pcanywhere 12.5.539
    symantec pcanywhere 12.6.65
    symantec pcanywhere 12.6.65 sp1
    symantec pcanywhere 12.6.7580
    symantec pcanywhere 12.5
    symantec pcanywhere 12.5.3
    symantec pcanywhere 12.5 sp1