Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	APP:SOLARWINDS-CVE-2019-3955
Severity	Minor
Recommended	Yes
Recommended Action	Drop
Category	APP
Keywords	SolarWinds DameWare Mini Remote Control Heap Buffer Overflow
Release Date	2019/09/17
Update Number	3208
Supported Platforms	srx-17.3+, srx-branch-17.4+, vsrx-15.1+, vsrx3bsd-18.2+

APP: SolarWinds DameWare Mini Remote Control Heap Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the SolarWinds DameWare Mini Remote Control. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the administrator.

Extended Description

Dameware Remote Mini Control version 12.1.0.34 and prior contains a unauthenticated remote heap overflow due to the server not properly validating RsaPubKeyLen during key negotiation. An unauthenticated remote attacker can cause a heap buffer overflow by specifying a large RsaPubKeyLen, which could cause a denial of service.

Affected Products

Dameware remote_mini_control 12.1.0.34

References

CVE: CVE-2019-3957
CVE: CVE-2019-3955

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

APP: SolarWinds DameWare Mini Remote Control Heap Buffer Overflow

Extended Description

Affected Products

References