| VID |
23125 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The DameWare Mini Remote Control software, according to its version number, has an information disclosure vulnerability. DameWare Mini Remote Control is a lightweight remote control program primarily intended for use by administrators. DameWare Mini Remote Control versions 4.9 and earlier could allow a local attacker to obtain sensitive information. When the process DWRCS (remote machine or server machine) is dumped from memory to a file with PMDump can obtain information of program settings, user name and authentication type but not the password. When the process DWRCC (client machine or local machine) is dumped from memory to a file with PMDump can obtain all users, passwords, hostname/ip, alias and domain name.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.shellsec.net/leer_advisory.php?id=7
http://securitytracker.com/alerts/2005/Apr/1013725.html
http://www.securityfocus.com/archive/1/395987
* Platforms Affected:
DameWare Development LLC, DameWare Mini Remote Control versions 4.9 and earlier
Microsoft Windows Any version |
| Recommendation |
No upgrade or patch available as of May 2005
Upgrade to the latest version of DameWare Mini Remote Control (4.9 later), when new version fixed this problem becomes available from the DameWare Products Development Web site at http://www.dameware.com/downloads |
| Related URL |
CVE-2005-1166 (CVE) |
| Related URL |
13199 (SecurityFocus) |
| Related URL |
20138 (ISS) |
|
