DameWare Mini Remote Control username buffer overflow
| dameware-username-bo (22087) |  High Risk |
Description:
DameWare Mini Remote Control is vulnerable to a buffer overflow, caused by improper validation of the username field in dwrcs.exe. By sending a specially-crafted packet to TCP port 6129 containing an overly long username value, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Platforms Affected:
- DameWare, DameWare Mini Remote Control 4.9 and prior
Remedy:
Upgrade to the latest version of DameWare Mini Remote Control (4.9.0 or later), available from the DameWare Web site. See References.
Consequences:
Gain Access
References:
- DameWare Mini Remote Control Web site, DameWare - NT Utilities at http://www.dameware.co.uk/download.asp?group=Downloads.
- Full-Disclosure Mailing List, Wed Aug 31 2005 - 15:54:20 CDT, Dameware critical hole at http://archives.neohapsis.com/archives/fulldisclosure/2005-08/1074.html.
- BID-14707: DameWare Mini Remote Control Server Pre-Authentication Username Buffer Overflow Vulnerability
- CVE-2005-2842: Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before 4.9.0 allows remote attackers to execute arbitrary code via the username.
- SA16655: DameWare Mini Remote Control Buffer Overflow Vulnerability
- SECTRACK ID: 1014830: DameWare Mini Remote Control Buffer Overflow in `username` Lets Remote Users Execute Arbitrary Code
- US-CERT VU#170905: DameWare Mini Remote Control vulnerable to buffer overflow via specially crafted authentication requests
- VUPEN/ADV-2005-1596: DameWare Mini Remote Control Server Buffer Overflow Vulnerability
Reported:
Aug 31, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net