Vulnerability CVE-2012-0292 - CERT Civis.Net

Vulnerability Name:

CVE-2012-0292 (CCN-73307)

Assigned:

2012-02-17

Published:

2012-02-17

Updated:

2018-01-06

Summary:

The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allows remote attackers to cause a denial of service (daemon crash) via a crafted TCP session on port 5631.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
4.1 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
4.1 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2012-0292

Source: CCN
Type: Symantec pcAnywhere Web page
Symantec pcAnywhere 11.5

Source: CCN
Type: SA48092
Symantec pcAnywhere Denial of Service Vulnerability

Source: SECUNIA
Type: UNKNOWN
48092

Source: EXPLOIT-DB
Type: Exploit
18493

Source: CCN
Type: OSVDB ID: 79412
Symantec pcAnywhere awhost32 Service Unauthenticated Remote DoS

Source: BID
Type: Exploit
52094

Source: CCN
Type: BID-52094
Symantec pcAnywhere Authentication Request Handling Denial of Service Vulnerability

Source: CONFIRM
Type: Vendor Advisory
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120301_00

Source: XF
Type: UNKNOWN
pcanywhere-awhost-dos(73307)

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [02-17-2012]

Vulnerable Configuration:

Configuration 1:

cpe:/a:symantec:pcanywhere:10.0:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:10.5:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:11.0:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:11.0.1:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:11.5.1:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:12.0:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:12.0.1:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:12.0.2:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:12.0.3:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:12.1:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:12.5:sp1:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:12.5:sp2:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:*:sp3:*:*:*:*:*:* (Version <= 12.5)

OR cpe:/a:symantec:pcanywhere:12.5.3:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:12.5.265:*:*:*:*:*:*:*

OR cpe:/a:symantec:pcanywhere:12.5.539:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:symantec:altiris_client_management_suite_pcanywhere_solution:7.0:*:*:*:*:*:*:*

OR cpe:/a:symantec:altiris_climentent_manage_suite_pcanywhere_solution:7.1:*:*:*:*:*:*:*

OR cpe:/a:symantec:altiris_deployment_solution_remote_pcanywhere_solution:7.1:*:*:*:*:*:*:*

OR cpe:/a:symantec:altiris_it_management_suite_pcanywhere_solution:7.0:*:*:*:*:*:*:*

OR cpe:/a:symantec:altiris_it_management_suite_pcanywhere_solution:7.1:*:*:*:*:*:*:*

Denotes that component is vulnerable