CVE-2006-3784

Currently unrated

Key Information:

Vendor: Symantec
Status: Pcanywhere
Vendor: CVE Published:; 24 July 2006

Summary

Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator.

References

http://secunia.com/advisories/21113

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2006/2874

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/archive/1/440448/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Jul 24, 2006
Vulnerability Reserved
Jul 21, 2006