Symantec pcAnywhere Discloses Passwords to Local Administrators
|
|
SecurityTracker Alert ID: 1018032 |
|
SecurityTracker URL: http://securitytracker.com/id/1018032
|
|
CVE Reference:
CVE-2007-2619
(Links to External Site)
|
Updated: May 12 2008
|
Original Entry Date: May 10 2007
|
Impact:
Disclosure of authentication information
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 11.5.x, 12.0.x
|
Description:
A vulnerability was reported in pcAnywhere. A local administrative user can determine the remote user's password.
Symantec pcAnywhere stores a remotely connected user's authentication credentials in clear text in the host server's process memory. A local user with administrator privileges on the host server can view the process memory contents to read the remote user's credentials.
Symantec credits Jeremy Lebourdais with reporting this vulnerability.
|
Impact:
A local user with administrative privileges can determine a target user's password.
|
Solution:
The vendor has issued a fix for version 12.0.x, available via LiveUpdate.
Version 11.5.x is no longer a supported product, but the vendor will offer a fix for this version at a later date.
The Symantec advisory is available at:
http://securityresponse.symantec.com/avcenter/security/Content/2007.05.09b.html
|
Vendor URL: securityresponse.symantec.com/avcenter/security/Content/2007.05.09b.html (Links to External Site)
|
Cause:
Access control error, State error
|
Underlying OS:
Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 9 May 2007 22:15:11 -0400
Subject: Symantec pcAnywhere Remote User Credential Disclosure
|
http://securityresponse.symantec.com/avcenter/security/Content/2007.05.09b.html
|
|
