virus logo Intrusion Prevention

Symantec.pcAnywhere.Host.Services.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt against a Buffer Overflow vulnerability in Symantec PCAnywhere.
The vulnerability is caused by an error when the vulnerable software handles a client request with overlong username field. It allows a remote attacker to execute arbitrary code via sending a crafted client request.

affected-products-logoAffected Products

Symantec pcAnywhere 12.5.x
Symantec IT Management Suite 7.0 pcAnywhere Solution 12.5.x
Symantec IT Management Suite 7.1 pcAnywhere Solution 12.6.x

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for suggested workaround.
http://www.symantec.com/business/support/index?page=content&id=TECH179526

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://www.exploit-db.com/exploits/19407/ http://www.zerodayinitiative.com/advisories/ZDI-12-018 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00
ID 30945
Created Feb 22, 2012
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2011-3478
Exploit Prediction Score 88.61%
Default Action drop
Active
Affected OS Windows
Affected App Other