Full Disclosure mailing list archives
RE: pc-anywhere (version 9.2) - telnet kills service
From: "Harris, Michael C." <HarrisMC () health missouri edu>
Date: Tue, 11 Nov 2003 10:58:20 -0600
We found this out 3 years ago, when we started doing port scanning to identify rogue servers. You can also cause this 'denial of service' by doing nmap or nessus scans across machines running PCAnywhere. One scan to the default control port 5631 is enough to keep the service from responding to further legitimate connection attempts. A stop and restart of the host service solves the problem but it does upset support staff when you do a scan on Friday and they have to drive in over the weekend because they can't get into machines running PCAW. here is a response from Symantec... from the way back machine http://securityresponse.symantec.com/avcenter/venc/data/pcanywhere.denial.of.service.html Mike ------------------------------------------------------------------- Michael C Harris System Security Analyst - GSEC University of Missouri Health Center harrismc () health missouri edu KC0PAH ------------------------------------------------------------------- -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of Thorsten Mayr Sent: Tuesday, November 11, 2003 7:52 AM To: full-disclosure () lists netsys com Subject: [Full-disclosure] pc-anywhere (version 9.2) - telnet kills service doing a telnet on standard pc anywhere port 5631 onto a running pcanywhere service (running on a w2k sp4), lead to a kill of the service/deamon. Though (old known bug the service doesn´t appear to be not working looking him up on the services snapin) I haven´t heard of that before... though I am aware that 9.2 is a rather old version, but there are companys who won´t buy new licences all day..... all I found about is http://lists.insecure.org/lists/vuln-dev/2001/Aug/0019.html this one though I don´t need as described 300 - 500 conenctions. 1 or 2 are enough. thought it might of value for some... (same happened on a nt 4.0 sp6a) rgds Thorsten Thorsten Mayr Kitcon GmbH we do It :) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- pc-anywhere (version 9.2) - telnet kills service Thorsten Mayr (Nov 11)
- <Possible follow-ups>
- RE: pc-anywhere (version 9.2) - telnet kills service Harris, Michael C. (Nov 11)