Symantec pcAnywhere Insecure File Permission Vulnerability
Release date:
Updated on:
Affected Systems:
Symantec pcAnywhere 12.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 51593
Cve id: CVE-2011-3479
Symantec PCAnywhere is the world's best-selling remote control solution for managing servers and providing administrative support.
PcAnywhere uses global writable permissions for product installation files, allowing local users to obtain permissions by modifying files.
<* Source: Edward Torkington
Link: http://www.symantec.com/security_response/securityupdates/detail.jsp? Fid = security_advisory & pvid = security_advisory & year = 2012 & suid = 2012424_00
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Symantec
--------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.symantec.com/business/security_response/