Bugtraq mailing list archives
Denial of Service Against pcAnywhere.
From: vacuum () TECHNOTRONIC COM (Vacuum)
Date: Tue, 25 Apr 2000 16:40:08 -0500
While performing a routine network audit, a TCP SYN scan caused every pcAnywhere Host service on the network to stop responding. The following versions were tested, other versions may be vulnerable as well. 9.0.0 Build 133 9.2.0 Build 239 8.0.2 Build 220 Target Operating systems tested: Windows NT Server Service Pack 6a -- Running 9.0.0 and 9.2.0 Versions Windows NT Worksation Service Pack 5 Running 9.2.0 Version Windows NT Server Service Pack 4 -- Running 8.0.2 Version Using nmap version 2.30BETA21 (http://www.insecure.org/nmap) Information gathering (Does not cause the crash) nmap -sT -sU <target> Servers running pcAnywhere version 8.x show ports TCP 5631 and TCP 65301 open UDP 5632 and UDP 22 open Servers running pcAnywhere version 9.x show ports TCP 5631 and UDP 5632 open nmap -sS <target> will cause the pcAnywhere Host Service to stop responding until the service is stopped and restarted. If anyone else could confirm or deny this it would be appreciated. -vacuum http://www.technotronic.com
Current thread:
- IE 5 security vulnerablity - circumventing Cross-frame security policy using Java/JavaScript (and disabling Active Scripting is not that easy) Georgi Guninski (Apr 18)
- RFP2K03: Contemplations on dvwssr.dll and its affects on life rain forest puppy (Apr 20)
- Microsoft Security Bulletin (MS00-026) Microsoft Product Security (Apr 20)
- Re: IE 5 security vulnerablity - circumventing Cross-frame security policy using Java/JavaScript (and disabling Active Scripting is not that easy) TAKAGI, Hiromitsu (Apr 20)
- freebsd libncurses overflow Przemyslaw Frasunek (Apr 24)
- Re: freebsd libncurses overflow Kris Kennaway (Apr 24)
- Re: freebsd libncurses overflow Kris Kennaway (Apr 24)
- Re: freebsd libncurses overflow Przemyslaw Frasunek (Apr 25)
- freebsd libncurses overflow Przemyslaw Frasunek (Apr 24)
- Re: freebsd libncurses overflow Bill Fumerola (Apr 24)
- Re: freebsd libncurses overflow Theo de Raadt (Apr 26)
- Denial of Service Against pcAnywhere. Vacuum (Apr 25)
- Re: ZoneAlarm Gary Buckmaster (Apr 22)
- CVS DoS Michal Szymanski (Apr 23)
- Re: CVS DoS Kris Kennaway (Apr 24)
- Re: CVS DoS Kris Kennaway (Apr 24)
- finding Meeting Maker passwords using tcpdump mhpower () MIT EDU (Apr 24)
- ZoneAlarm Vulnerability Alfred Huger (Apr 25)
- Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit Laurent LEVIER (Apr 25)