Overview
DameWare Mini Remote Control is a lightweight remote control intended primarily for administrators and help desks for management of desktop systems. A vulnerability in DameWare Mini Remote Control may permit an unauthenticated attacker to execute arbitrary code on the system.
Description
A buffer overflow vulnerability has been discovered in versions of DameWare Mini Remote Control prior to 3.73. A remote attacker can send a specially crafted packet to the DameWare Mini Remote Control (default port 6129/TCP) to mimic a client and exploit this vulnerability against the server. Since the buffer overflow occurs in a section of the code used to handle authentication, a remote unauthenticated attacker can execute arbitrary code on the system. The CERT/CC has seen reports of active exploitation. |
Impact
An unauthenticated attacker can exploit this vulnerability to execute arbitrary code. |
Solution
This vulnerability is resolved in version 3.73 or higher. |
Block access to the DameWare Mini Remote Control Service port (default 6129/TCP) at the network perimeter. This will not mitigate attacks from within the firewall perimeter, but may mitigate attacks from outside your network. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
Wirepair has reported this vulnerability.
This document was written by Jason A Rafail.
Other Information
| CVE IDs: | None |
| Severity Metric: | 29.77 |
| Date Public: | 2003-12-14 |
| Date First Published: | 2003-12-22 |
| Date Last Updated: | 2003-12-22 21:16 UTC |
| Document Revision: | 9 |