{"vuid":"VU#909678","idnumber":"909678","name":"DameWare Mini Remote Control vulnerable to buffer overflow via specially crafted packets","keywords":["DameWare Mini Remote Control","specially crafted packets","DameWare Mini Remote Control Server","port 6129"],"overview":"DameWare Mini Remote Control is a lightweight remote control intended primarily for administrators and help desks for management of desktop systems. A vulnerability in DameWare Mini Remote Control may permit an unauthenticated attacker to execute arbitrary code on the system.","clean_desc":"A buffer overflow vulnerability has been discovered in versions of DameWare Mini Remote Control prior to 3.73. A remote attacker can send a specially crafted packet to the DameWare Mini Remote Control (default port 6129/TCP) to mimic a client and exploit this vulnerability against the server. Since the buffer overflow occurs in a section of the code used to handle authentication, a remote unauthenticated attacker can execute arbitrary code on the system. The CERT/CC has seen reports of active exploitation.","impact":"An unauthenticated attacker can exploit this vulnerability to execute arbitrary code.","resolution":"This vulnerability is resolved in version 3.73 or higher.","workarounds":"Block access to the DameWare Mini Remote Control Service port (default 6129/TCP) at the network perimeter. This will not mitigate attacks from within the firewall perimeter, but may mitigate attacks from outside your network.","sysaffected":"","thanks":"Wirepair has reported this vulnerability.","author":"This document was written by Jason A Rafail.","public":["http://www.dameware.com","http://sh0dan.org/files/dwmrcs372.txt","http://www.secunia.com/advisories/10439/"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2003-12-16T15:57:43Z","publicdate":"2003-12-14T00:00:00Z","datefirstpublished":"2003-12-22T16:39:10Z","dateupdated":"2003-12-22T21:16:21Z","revision":9,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"12","cam_internetinfrastructure":"10","cam_population":"10","cam_impact":"18","cam_easeofexploitation":"14","cam_attackeraccessrequired":"15","cam_scorecurrent":"29.7675","cam_scorecurrentwidelyknown":"29.7675","cam_scorecurrentwidelyknownexploited":"35.4375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":29.7675,"vulnote":null}