Dameware Development Security Vulnerabilities

CVE-2003-1030

Buffer overflow in DameWare Mini Remote Control before 3.73 allows remote attackers to execute arbitrary code via a long pre-authentication request to TCP port 6129.

CVE-2004-1851

Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data to create the encryption key, which makes it easier for remote attackers to obtain sensitive information via brute force guessing.

CVE-2005-1088

Unknown vulnerability in DameWare NT Utilities 4.8 and earlier, and Mini Remote Control 4.8 and earlier, allows local users to gain additional rights.

CVE-2005-1166

The DNTUS26 process in Dameware NT Utilities and the DWRCS process in MiniRemote Control 4.9 and earlier stores the username and password in cleartext in memory, which could allow attackers to obtain sensitive information.

CVE-2005-2842

Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before 4.9.0 allows remote attackers to execute arbitrary code via the username.