Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0300

6 documents4 sources

Severity

10.0CRITICAL

EPSS

1.4%

top 19.64%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Symantec Pcanywhere

Timeline

PublishedApr 6

Latest updateApr 30

Description

The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDsymantec/pcanywhere9.0

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-fvrm-4gj8-jr73: The default encryption method of PcAnywhere 9↗2022-04-30

▶

CVEList

CVE-2000-0300: The default encryption method of PcAnywhere 9↗2000-04-26

▶

💥Exploits & PoCs

Exploit-DB

Cisco VPN Client - Integer Overflow Denial of Service↗2009-11-21

▶

Exploit-DB

GNUJSP 1.0 - File Disclosure↗2002-02-19

▶

Exploit-DB

Symantec pcAnywhere 9.0 - Weak Encryption↗2000-04-06

▶