CVE-2014-1221 – Local Code Execution in Dameware Mini Remote Control

Vulnerability title: Code Execution Vulnerability [LCE] in Dameware Mini Remote Control
CVE: CVE-2014-1221
Vendor: Dameware
Product: Mini Remote Control
Affected Version: 10.0.0.372
Fixed Version: 10.0 Hotfix 3
Reported by: Kyriakos Economou

Details:
The latest version of DameWare MRC, v10.0.0.372, and possibly earlier versions, is vulnerable to arbitrary code execution when attempting to connect (or chat) to a host imported through a maliciously crafted MRCCv2.db file containing an invalid and long host name.
The PoC exploit uses full ROP to bypass DEP and ASLR. It was tested on Windows XP SP3 and Windows 7 (SP0, SP1), all 32-bit builds.
Furthermore, builds for Linux and Mac are possibly vulnerable to the same attack.
The exploit can also be triggered by importing the malicious file from a remote location.

Further details at:
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-1221/
