Information Security all in one place!

NSIT Patch Notification: Symantec PCAnywhere Local Privilege Escalation, Remote Code

Edward Torkington of NGS Secure has discovered a high risk vulnerability in Symantec PCAnywhere

Impact: Local Privilege Escalation

Versions affected:

Symantec pcAnywhere 12.5.x
IT ManagementSuite 7.0 pcAnywhere Solution 12.5.x

IT Management Suite 7.1 pcAnywhere Solution 12.6.x

An updated version of the software has been released to address these vulnerabilities:
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00

Image representing Symantec as depicted in Cru...

Image via CrunchBase

NGS Secure is going to withhold details of this flaw for three months. This three month window will allow users the time needed to apply the patch before the details are released to the general public. This reflects the NGS Secure approach to responsible disclosure.

Edward Torkington of NGS Secure has discovered a critical vulnerability in Symantec PCAnywhere

Impact: Remote Code Execution (pre-auth) as SYSTEM

Versions affected:
Symantec pcAnywhere 12.5.x
IT Management Suite 7.0 pcAnywhere Solution 12.5.x
IT Management Suite 7.1 pcAnywhere Solution 12.6.x

An updated version of the software has been released to address these vulnerabilities:
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00

NGS Secure is going to withhold details of this flaw for three months. This three month window will allow users the time needed to apply the patch before the details are released to the general public. This reflects the NGS Secure approach to responsible disclosure.

NGS Secure Research
http://www.ngssecure.com

Advertisements

One response

  1. Pingback: Security Earthquake That Nobody Felt « NetSecurityIT

Let's hear what you have to say.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s