January 23rd, 2004, 04:33 AM
pcanywhere local exploit
This is about a month old but for those who aren’t aware of it (as I wasn’t)
PcAnywhere versions 10-11 allow a local user running with minimum privileges to access files as system. winhlp32 for ver. 10 and hh.exe for var. 11 (which run as system) can be accessed from the host help option allowing a user to browse files, change NTFS permissions or open a command prompt.
This is only a local exploit but there are some companies that what their systems locked down pretty tight.
A fix is available threw Symantic updates
BTW the same condition exists in Outpost Firewall
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
January 27th, 2004, 06:09 PM
I didn't know bout that either, Ted....thanks for the heads up!