2006-07-21 21:00:00
mitre
PUBLISHED
Symantec pcAnywhere 12.5 uses weak default permissions for the "SymantecpcAnywhereHosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator.