CVE-2011-3478
Vulnerability from cvelistv5
Published
2012-01-25 15:00
Modified
2024-08-06 23:37
Severity ?
Summary
The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.
References
cve@mitre.orghttp://osvdb.org/show/osvdb/78532
cve@mitre.orghttp://secunia.com/advisories/48092
cve@mitre.orghttp://www.securityfocus.com/bid/51592
cve@mitre.orghttp://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00Vendor Advisory
cve@mitre.orghttp://www.zerodayinitiative.com/advisories/ZDI-12-018/
cve@mitre.orghttps://www.exploit-db.com/exploits/38599/
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/show/osvdb/78532
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/48092
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/51592
af854a3a-2127-422b-91ae-364da2661108http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.zerodayinitiative.com/advisories/ZDI-12-018/
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/38599/
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:37:47.739Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "78532",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/show/osvdb/78532"
          },
          {
            "name": "38599",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/38599/"
          },
          {
            "name": "51592",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/51592"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-018/"
          },
          {
            "name": "48092",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48092"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-05T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "78532",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/show/osvdb/78532"
        },
        {
          "name": "38599",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/38599/"
        },
        {
          "name": "51592",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/51592"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-018/"
        },
        {
          "name": "48092",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48092"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-3478",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "78532",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/show/osvdb/78532"
            },
            {
              "name": "38599",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/38599/"
            },
            {
              "name": "51592",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/51592"
            },
            {
              "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-12-018/",
              "refsource": "CONFIRM",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-018/"
            },
            {
              "name": "48092",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48092"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-3478",
    "datePublished": "2012-01-25T15:00:00",
    "dateReserved": "2011-09-14T00:00:00",
    "dateUpdated": "2024-08-06T23:37:47.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-3478\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2012-01-25T15:55:01.003\",\"lastModified\":\"2024-11-21T01:30:33.430\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.\"},{\"lang\":\"es\",\"value\":\"El componente de host de servicios de Symantec pcAnywhere v12.5.x a trav\u00e9s de v12.5.3, y IT Management Suite pcAnywhere Solution v7.0 (aka 12.5.x) y v7.1 (tambi\u00e9n conocido como 12.6.x), de inicio de sesi\u00f3n de filtro y los datos de autenticaci\u00f3n, es que permite control remoto atacantes para ejecutar c\u00f3digo arbitrario a trav\u00e9s de una sesi\u00f3n a mano en el puerto TCP 5631.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"067CAB0F-D513-4A70-B6C6-06EE290A2F6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:pcanywhere:12.5:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F3C225-B890-47BB-9898-0EFEC969B74D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:pcanywhere:12.5:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4C296DE-5385-4C59-8824-B1695D38C332\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:pcanywhere:12.5:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1C797C5-7F76-4ECE-859C-B928F380A08D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:pcanywhere:12.5.539:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9C845AC-3C09-4676-964F-644A01D133CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:pcanywhere:12.6.65:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0D0B814-A9C3-4D47-B1C5-59DE0CFEDCF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:pcanywhere:12.6.65:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2415480-FC3C-45BF-B93C-F76F0C011F97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:pcanywhere:12.6.7580:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92218E59-B767-498A-8F09-20202AE643E0\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/show/osvdb/78532\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/48092\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/51592\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-12-018/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.exploit-db.com/exploits/38599/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/show/osvdb/78532\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48092\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/51592\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-12-018/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/38599/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.