| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <0EDAAACD0E80514C8C13035C7573D01B2775FB@majestix.FRANKFURT.KITCON.COM> From: tmayr at kitcon.net (Thorsten Mayr) Subject: AW: pc-anywhere (version 9.2) - telnet kills service Thanks for information, Looks like I was too blind finding symantecs response on that.. I know how upsetting it is - as we got some new clients using symantec's pc anywhere 9.2.... Got a lot of work to get these guys kind of up to date... Topic closed ;) Thorsten > -----Urspr?ngliche Nachricht----- > Von: full-disclosure-admin@...ts.netsys.com > [mailto:full-disclosure-admin@...ts.netsys.com] Im Auftrag > von Harris, Michael C. > Gesendet: Dienstag, 11. November 2003 17:58 > An: full-disclosure@...ts.netsys.com > Betreff: RE: [Full-Disclosure] pc-anywhere (version 9.2) - > telnet kills service > > > We found this out 3 years ago, when we started doing port > scanning to identify rogue servers. You can also cause this > 'denial of service' by doing nmap or nessus scans across > machines running PCAnywhere. One scan to the default control > port 5631 is enough to keep the service from responding to > further legitimate connection attempts. A stop and restart > of the host service solves the problem but it does upset > support staff when you do a scan on Friday and they have to > drive in over the weekend because they can't get into > machines running PCAW. > > here is a response from Symantec... from the way back machine > http://securityresponse.symantec.com/avcenter/venc/data/pcanywhere.denial.of.service.html Mike ------------------------------------------------------------------- Michael C Harris System Security Analyst - GSEC University of Missouri Health Center harrismc@...lth.missouri.edu KC0PAH ------------------------------------------------------------------- -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Thorsten Mayr Sent: Tuesday, November 11, 2003 7:52 AM To: full-disclosure@...ts.netsys.com Subject: [Full-Disclosure] pc-anywhere (version 9.2) - telnet kills service doing a telnet on standard pc anywhere port 5631 onto a running pcanywhere service (running on a w2k sp4), lead to a kill of the service/deamon. Though (old known bug the service doesn?t appear to be not working looking him up on the services snapin) I haven?t heard of that before... though I am aware that 9.2 is a rather old version, but there are companys who won?t buy new licences all day..... all I found about is http://lists.insecure.org/lists/vuln-dev/2001/Aug/0019.html this one though I don?t need as described 300 - 500 conenctions. 1 or 2 are enough. thought it might of value for some... (same happened on a nt 4.0 sp6a) rgds Thorsten Thorsten Mayr Kitcon GmbH we do It :) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists