This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote service is affected by a remote code execution
A flaw exists within the awhost32 component of the remote pcAnywhere
that is used when handling incoming connections from remote hosts. When
handling an authentication request, the process copies the user supplied
username unsafely to a fixed-length buffer of size 0x108. A remote
attacker can exploit this vulnerability to execute arbitrary code under
the context of the SYSTEM account.
See also :
Apply Symantec's patch.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 58119 ()
Bugtraq ID: 51592
CVE ID: CVE-2011-3478
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.