pcAnywhere let anyone anywhere inject code into PCs
From http://www.theregister.co.uk/2012/01...nywhere_patch/
Quote:
Symantec is urging users to patch pcAnywhere, its remote control application, following the discovery of a brace of serious security flaws.
The most severe of the two holes allows hackers to remotely inject code into vulnerable systems - made possible because a service on TCP port 5631 permits a fixed-length buffer overflow during the authentication process. This line of attack ought to be blocked by a properly configured firewall, but it'd be stupid to rely on that without patching vulnerable systems.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|