lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: tmayr at (Thorsten Mayr)
Subject: AW: pc-anywhere (version 9.2) - telnet kills service

Thanks for information,
Looks like I was too blind finding symantecs response on that..
I know how upsetting it is - as we got some new clients using symantec's pc anywhere 9.2....
Got a lot of work to get these guys kind of up to date...

Topic closed ;)


> -----Urspr?ngliche Nachricht-----
> Von: 
> [] Im Auftrag 
> von Harris, Michael C.
> Gesendet: Dienstag, 11. November 2003 17:58
> An:
> Betreff: RE: [Full-Disclosure] pc-anywhere (version 9.2) - 
> telnet kills service
> We found this out 3 years ago, when we started doing port 
> scanning to identify rogue servers.  You can also cause this 
> 'denial of service' by doing nmap or nessus scans across 
> machines running PCAnywhere.  One scan to the default control 
> port 5631 is enough to keep the service from responding to 
> further legitimate connection attempts.  A stop and restart 
> of the host service solves the problem but it does upset 
> support staff when you do a scan on Friday and they have to 
> drive in over the weekend because they can't get into 
> machines running PCAW. 
> here is a response from Symantec... from the way back machine  

Michael C Harris 
System Security Analyst - GSEC 
University of Missouri Health Center  KC0PAH 

-----Original Message-----
From: []On Behalf Of Thorsten Mayr
Sent: Tuesday, November 11, 2003 7:52 AM
Subject: [Full-Disclosure] pc-anywhere (version 9.2) - telnet kills service

doing a telnet on standard pc anywhere port 5631 onto a running pcanywhere service (running on a w2k sp4), lead to a kill of  the service/deamon. Though (old known bug the service doesn?t appear to be not working looking him up on the services snapin) I haven?t heard of that before... though I am aware that 9.2 is a rather old version, but there are companys who won?t buy new licences all day..... all I found about is this one though I don?t need as described 300 - 500 conenctions. 1 or 2 are enough.

thought it might of value for some...
(same happened on a nt 4.0 sp6a)


Thorsten Mayr
Kitcon GmbH 
we do It :)

Full-Disclosure - We believe in it.

Powered by blists - more mailing lists