Researcher claims to have found further vulnerabilities in pcAnywhere

Symantec source code leak has led to a vulnerability affecting the latest patched version, claims security expert

Code has been released that potentially enables an attacker to remotely crash Symantec product pcAnywhere.

The code was published by Johnathan Norman, who works as director of research at security firm Alert Logic. He says the code even works on fully patched versions of the software.

"I've been working on the remote pcAnywhere vulnerability reported a few weeks ago and stumbled on a few other flaws during my research. This works on patched versions as well," he stated.

The source code for pcAnywhere and Symantec's flagship Norton Antivirus products was leaked by an Indian hacking group last month.

At the time, the firm downplayed the leak, saying that it only involved old code and would not affect customers.

However, subsequently it realised that hackers could gain remote control of users' machines using information from the leaked code, and released a patch to close the vulnerability.

Symantec advised at the time that it could not ensure that the product would be completely secure, and warned users not to install it if they had not already done so.

The leak has acted as a catalyst for the online world of security watchers to explore code.

For example, an anonymous poster to the Infosec Institute recently suggested any firms still using the software should uninstall it completely, claiming that the source code leak has rendered it irretrievably insecure.

"For hackers, the sky is the limit as they now have all of the juicy details of the pcAnywhere product... We now know how their LiveUpdate system works thanks to the included architecture plans and full source code, which is also used to update Symantec's current anti-virus products. Any exploits in the code are now visible by all," the poster claimed.

Symantec was unavailable for comment at the time of writing.