Home page logo

Nmap Announce mailing list archives

Denial of Service Against pcAnywhere.
From: Vacuum <vacuum () technotronic com>
Date: Tue, 25 Apr 2000 16:40:08 -0500 (CDT)

While performing a routine network audit, a TCP SYN scan caused
every pcAnywhere Host service on the network to stop responding.

The following versions were tested, other versions may be vulnerable as

9.0.0 Build 133
9.2.0 Build 239
8.0.2 Build 220

Target Operating systems tested:
Windows NT Server Service Pack 6a -- Running 9.0.0 and 9.2.0 Versions
Windows NT Worksation Service Pack 5 Running 9.2.0 Version
Windows NT Server Service Pack 4  -- Running 8.0.2 Version

Using nmap version 2.30BETA21 (http://www.insecure.org/nmap)

Information gathering (Does not cause the crash)

nmap -sT -sU <target>

Servers running pcAnywhere version 8.x 
show ports TCP 5631 and TCP 65301 open
           UDP 5632 and UDP 22    open

Servers running pcAnywhere version 9.x 
show ports TCP 5631 and UDP 5632  open

nmap -sS <target> will cause the pcAnywhere Host Service to stop
responding until the service is stopped and restarted.

If anyone else could confirm or deny this it would be appreciated.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]