[<prev] [next>] [day] [month] [year] [list]
From: HarrisMC at health.missouri.edu (Harris, Michael C.)
Subject: pc-anywhere (version 9.2) - telnet kills service
We found this out 3 years ago, when we started doing port scanning to identify rogue servers. You can also cause this 'denial of service' by doing nmap or nessus scans across machines running PCAnywhere. One scan to the default control port 5631 is enough to keep the service from responding to further legitimate connection attempts. A stop and restart of the host service solves the problem but it does upset support staff when you do a scan on Friday and they have to drive in over the weekend because they can't get into machines running PCAW.
here is a response from Symantec... from the way back machine
http://securityresponse.symantec.com/avcenter/venc/data/pcanywhere.denial.of.service.html
Mike
-------------------------------------------------------------------
Michael C Harris
System Security Analyst - GSEC
University of Missouri Health Center
harrismc@...lth.missouri.edu KC0PAH
-------------------------------------------------------------------
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Thorsten Mayr
Sent: Tuesday, November 11, 2003 7:52 AM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] pc-anywhere (version 9.2) - telnet kills service
doing a telnet on standard pc anywhere port 5631 onto a running pcanywhere service (running on a w2k sp4),
lead to a kill of the service/deamon. Though (old known bug the service doesn?t appear to be not working looking him up on the services snapin)
I haven?t heard of that before... though I am aware that 9.2 is a rather old version, but there are companys who won?t buy new licences all day.....
all I found about is http://lists.insecure.org/lists/vuln-dev/2001/Aug/0019.html this one
though I don?t need as described 300 - 500 conenctions.
1 or 2 are enough.
thought it might of value for some...
(same happened on a nt 4.0 sp6a)
rgds
Thorsten
Thorsten Mayr
Kitcon GmbH
we do It :)
Powered by blists - more mailing lists