Jump to content


Photo

Symantec pcAnywhere updated


  • Please log in to reply
1 reply to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,919 posts

Posted 25 January 2012 - 06:00 AM

FYI...

Symantec pcAnywhere update
- https://secunia.com/advisories/47744/
Last Update: 2012-01-26
Criticality level: Moderately critical
Impact: Privilege escalation, System access
Where: From local network
CVE Reference(s):
- http://web.nvd.nist....d=CVE-2011-3478 - 10.0 (HIGH)
- http://web.nvd.nist....d=CVE-2011-3479 - 4.3
... exploitation of this vulnerability may allow execution of arbitrary code.
The security issue and the vulnerability are reported in the following products:
Symantec pcAnywhere version 12.5.x, Symantec Altiris IT Management Suite version 7.0, Symantec Altiris IT Management Suite version 7.1
Solution: Apply hotfix TECH179526.
Original Advisory: Symantec:
http://www.symantec....uid=20120124_00
Jan 24, 2012 - SYM12-002 - Severity: High

pcAnywhere hotfix - Article: TECH179526
- http://www.symantec....t&id=TECH179526
Updated: 2012-01-25 - "... Symantec pcAnywhere 12.5.x users should upgrade to the latest supported version, 12.5.3, prior to applying the hotfix or reapply the hotfix once they upgrade to the 12.5.3 version."
___

- http://www.securityt....com/id/1026576
Updated: Jan 25 2012

:!: :ph34r:

Edited by AplusWebMaster, 27 January 2012 - 07:32 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,919 posts

Posted 25 January 2012 - 11:40 PM

FYI...

pcAnywhere users – patch now!
- https://isc.sans.edu...l?storyid=12463
Last Updated: 2012-01-25 22:24:12 UTC - "Symantec released a patch for pcAnywhere products that fixes couple of vulnerabilities, among which the most dangerous one allows remote code execution... for last couple of weeks there have been a lot of rumors about source code of several Symantec’s products that got stolen by yet unknown hackers. Besides a post that listed file names nothing else has been released in public yet, as far as we know... if you are a pcAnywhere user – PATCH NOW.
Update:
And a short update: according to DShield data it appears that someone started scanning around for services on port 5631 (pcAnywhere). While the number of sources is still relatively low (indicating a single scanner, or a small number of them), the number of targets is pretty high. See for yourself here*."
* https://isc.sans.edu....html?port=5631

pcAnywhere hotfix - Article: TECH179526
- http://www.symantec....t&id=TECH179526
Updated: 2012-01-26
- http://clientui-kb.s...=&id=TECH179526
Updated: 2012-01-28 - Technical Solution for pcAnywhere 12.0 12.5 12.5 SP3, pcAnywhere Solution 12.5 12.6 12.6.2
Updated: 2012-01-30 - Technical Solution for pcAnywhere 12.5 12.5 SP3, pcAnywhere Solution 12.5 12.6 12.6.2 ...
Updated: 2012-02-02 - Technical Solution for pcAnywhere 12.0 12.5 12.5 SP3, pcAnywhere Solution 12.5 12.6 12.6.2

:ph34r: :!:

Edited by AplusWebMaster, 07 February 2012 - 09:15 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button