{"vuid":"VU#897144","idnumber":"897144","name":"Solarwinds Dameware Remote Mini Controller Windows service is vulnerable to stack buffer overflow","keywords":["buffer overflow"],"overview":"The Solarwinds Dameware Remote Mini Controller Windows service is vulnerable to stack buffer overflow.","clean_desc":"CWE-121: Stack-based Buffer Overflow - CVE-2016-2345 Solarwinds Dameware Remote Mini Controller is a software for assisting in remote desktop connections for helpdesk support. According to the reporter, the Solarwinds Dameware Remote Mini Controller Windows service, dwrcs.exe, is vulnerable to stack-based buffer overflow. A remote attacker sending carefully crafted data may be able to obtain private information or execute code. The researcher has published an advisory with more information. The CERT/CC has not been able to confirm this information with the vendor.","impact":"An unauthenticated remote attacker may be able to obtain private information or execute code in the SYSTEM context.","resolution":"Apply an update Solarwinds has released version 12.0.3 to address this issue. Affected users should update as soon as possible.","workarounds":"Restrict Network Access As a general good security practice, only allow connections from trusted hosts and networks. Please consult for your firewall product's manual for more information.","sysaffected":"","thanks":"Thanks to Ryan Wincey for reporting this vulnerability.","author":"This document was written by Garret Wassermann.","public":["https://www.securifera.com/advisories/CVE-2016-2345","http://cwe.mitre.org/data/definitions/121.html"],"cveids":["CVE-2016-2345"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2015-12-18T15:23:15Z","publicdate":"2016-03-17T00:00:00Z","datefirstpublished":"2016-03-17T16:11:15Z","dateupdated":"2016-04-18T17:37:19Z","revision":34,"vrda_d1_directreport":"1","vrda_d1_population":"1","vrda_d1_impact":"1","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"M","cvss_authentication":null,"cvss_confidentialityimpact":"P","cvss_integrityimpact":"P","cvss_availabilityimpact":"P","cvss_exploitablity":null,"cvss_remediationlevel":"U","cvss_reportconfidence":"UR","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"M","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"6.8","cvss_basevector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","cvss_temporalscore":"5.8","cvss_environmentalscore":"4.37482289122594","cvss_environmentalvector":"CDP:ND/TD:M/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}