Detections
Analytics

SolarWinds DameWare Mini Remote Client Agent < 12.0.3 Stack Buffer Overflow

critical Nessus Plugin ID 124062

Language:

Synopsis

The remote host is running a remote management application that has a stack buffer overflow condition.

Description

The remote host is running a version of SolarWinds DameWare Mini Remote Client Agent prior to 12.0.3. A stack-based buffer overflow condition exists in DWRCS.EXE due to improper validation of user supplied data passed to wsprintfw(). An attacker can exploit this, via a specially crafted message, to execute arbitrary code.

Solution

Upgrade to SolarWinds DameWare Mini Remote Control v12.0.3 or later.

See Also

http://www.nessus.org/u?ea9bfd3f

http://www.nessus.org/u?05d43982

https://www.securifera.com/advisories/cve-2016-2345/

Plugin Details

Severity: Critical

ID: 124062

File Name: solarwinds_dameware_mini_remote_control_cve-2016-2345.nasl

Version: 1.6

Type: local

Agent: windows

Family: Windows

Published: 4/16/2019

Updated: 1/26/2022

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2016-2345

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: x-cpe:/a:solarwinds:dameware_mini_remote_control

Required KB Items: SMB/svc/dwmrcs/path

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/17/2016

Vulnerability Publication Date: 3/17/2016

Exploitable With

Core Impact

Reference Information

CVE: CVE-2016-2345

BID: 84704

CERT: 897144

IAVA: 2020-A-0392-S