Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Windows --> Category: infos

pcAnywhere Launch with Windows Privilege Escalation Vulnerability Vulnerability Scan


Vulnerability Scan Summary
Checks for Launch with Windows privilege escalation vulnerability in pcAnywhere

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote control software on the remote host is affected by a local
privilege escalation flaw.

Description :

The remote host is running pcAnywhere, a remote control software
program for Windows.

According to the Windows registry, the installed version of pcAnywhere
fails to prevent a local user from gaining SYSTEM rights by
manipulating the 'Caller Properties' feature to run arbitrary commands
when pcAnywhere is configured to run as a service.

See also :

http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html

Solution :

Upgrade to pcAnywhere version 11.5 or later.

Threat Level:

Medium / CVSS Base Score : 4
(AV:L/AC:L/Au:R/C:C/A:C/I:C/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.