Symantec’s pcAnywhere Let Anyone Anywhere Inject Code into PCs
The Register reports Symantec is urging users to patch pcAnywhere, its remote control application, following the discovery of a brace of serious security flaws. The most severe of the two holes allows hackers to remotely inject code into vulnerable systems – made possible because a service on TCP port 5631 permits a fixed-length buffer overflow during the authentication process. This line of attack ought to be blocked by a properly configured firewall, but it’s unwise to rely on that without patching vulnerable systems. The other flaw relies on overwriting files installed by pcAnywhere in order to escalate a user’s privileges, although miscreants will already need access to a vulnerable system to do this.
