(LiveHacking.Com) – In the on going saga about source code stolen from Symantec in 2006, the company has now updated its “Claims by Anonymous about Symantec Source Code” to notify its customers that “all pcAnywhere 12.0, 12.1 and 12.5 customers are at increased risk” and to “recommends that customers only use pcAnywhere for business critical purposes.”
It has also published a White Paper discussing the security implications where it says “Malicious users with access to the source code have an
increased ability to identify vulnerabilities and build new exploits.” Since pcAnywhere allows for direct PC to PC communication, the theft of the source code has made the encoding and encryption elements within pcAnywhere vulnerable. This makes it possible for a hacker to launch a successful man-in-the-middle attack (depending on configuration and use). If a man-in-the-middle attack should occur, the malicious user could steal session data or credentials.
The white paper also outlines some pcAnywhere Security Best Practices including blocking the pcAnywhere assigned ports (5631, 5632) on Internet facing network connections and disabling or removing Access Server and use remote sessions via secure VPN tunnels.