exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

_SRT2003-11-13-0218.txt

_SRT2003-11-13-0218.txt
Posted Nov 14, 2003
Authored by Kevin Finisterre | Site secnetops.com

Secure Network Operations Advisory SRT2003-11-13-0218 - Symantec PCAnywhere versions 10.x to 11.x allow for a local attacker to gain SYSTEM privileges via AWHOST32.exe that can be run via an icon.

tags | advisory, local
SHA-256 | 06a0532b6f5bf502d7995e8c3aae01db81045cd634c514dc2d89f1ab19d59781

_SRT2003-11-13-0218.txt

Change Mirror Download
Secure Network Operations, Inc.             http://www.secnetops.com/research
Strategic Reconnaissance Team research@secnetops.com
Team Lead Contact kf@secnetops.com


Our Mission:
************************************************************************
Secure Network Operations offers expertise in Networking, Intrusion
Detection Systems (IDS), Software Security Validation, and
Corporate/Private Network Security. Our mission is to facilitate a
secure and reliable Internet and inter-enterprise communications
infrastructure through the products and services we offer.

To learn more about our company, products and services or to request a
demo of ANVIL FCS please visit our site at http://www.secnetops.com, or
call us at: 978-263-3829


Quick Summary:
************************************************************************
Advisory Number : SRT2003-11-13-0218
Product : Symantec PCAnywhere
Version : 10.x and 11.x
Vendor : http://www.symantec.com/pcanywhere/
Class : Local
Criticality : High (to PCAnywhere users)
Operating System(s) : Win32


Notice
************************************************************************
The full technical details of this vulnerability can be found at:
http://www.secnetops.com under the research section.


Basic Explanation
************************************************************************
High Level Description : PCAnywhere allows local users to become SYSTEM
What to do : run LiveUpdate and apply latest patches.


Basic Technical Details
************************************************************************
Proof Of Concept Status : SNO has proof of concept.

Low Level Description : PCAnywhere is an industry-leading remote control
software that features remote management paired with file transfer capabilities.
PCAnywhere has the ability to help quickly resolve helpdesk and server support
issues.

When PCAnywhere is started as a service or set to launch with windows an
attacker may be able to take SYSTEM rights via the help interface. AWHOST32.exe
runs as the user SYSTEM while interacting with the local desktop on the machine
that PCAnywhere is listening. Users have the ability to interact with AWHOST32
via an icon in the Windows systray.

Brett Moore of security-assessment.com pointed out a flaw in the Win32 help
API which can be found at http://www.securityfocus.com/bid/8884 . A variation
of this attack is present in both PCAnywhere 10 and 11. It is unknown how this
issue affects older versions of PCAnywhere since they are no longer supported
products.

full details at http://www.secnetops.biz/research/SRT2003-11-13-0218.txt

Vendor Status : Symantec promptly attended to the issue and
was very responsive during all phases of discovery / research and patching.
Fixes are now available via LiveUpdate.

Bugtraq URL : To be assigned. CVE candidate CAN-2003-0936.
Disclaimer
----------------------------------------------------------------------
This advisory was released by Secure Network Operations,Inc. as a matter
of notification to help administrators protect their networks against
the described vulnerability. Exploit source code is no longer released
in our advisories but can be obtained under contract.. Contact our sales
department at sales@secnetops.com for further information on how to
obtain proof of concept code.

----------------------------------------------------------------------
Secure Network Operations, Inc. || http://www.secnetops.com
"Embracing the future of technology, protecting you."



Login or Register to add favorites

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close