DameWare Mini Remote Control Pre-Authentication Username Remote Overflow

Critical Nessus Plugin ID 19554


Arbitrary code can be executed on the remote host.


The remote host is running DameWare Mini Remote Control. The remote version of this software is vulnerable to a buffer overflow attack. An attacker can exploit this flaw by sending a specially crafted packet to the remote host. Successful exploitation of this vulnerability would result in remote code execution.


Upgrade to version or later.

Plugin Details

Severity: Critical

ID: 19554

File Name: dameware_mini_remote_control_overflow2.nasl

Version: $Revision: 1.21 $

Type: remote

Agent: windows

Family: Windows

Published: 2005/09/01

Modified: 2017/10/16

Dependencies: 19553

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:ND/RC:ND

Vulnerability Information

CPE: cpe:/a:dameware:mini_remote_control

Required KB Items: DameWare/major_version, DameWare/minor_version

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2005/08/31

Exploitable With

Core Impact

ExploitHub (EH-11-812)

Reference Information

CVE: CVE-2005-2842

BID: 14707

OSVDB: 19119