CVE-2014-1221 – Local Code Execution in Dameware Mini Remote Control

Vulnerability title: Code Execution Vulnerability [LCE] in Dameware Mini Remote Control
CVE: CVE-2014-1221
Vendor: Dameware
Product: Mini Remote Control
Affected Version:
Fixed Version: 10.0 Hotfix 3
Reported by: Kyriakos Economou

The latest version of DameWare MRC, v10.0.0.372, and possibly earlier versions, are vulnerable to arbitrary code execution when attempting to connect (or chat) to a host imported through a maliciously crafted MRCCv2.db file containing an invalid and long host name.
The PoC exploit uses full ROP to bypass DEP and ASLR. Tested on WinXP SP3 and Win7 (SP0, SP1), all 32-bit builds.
Furthermore, builds for Linux and Mac are possibly vulnerable to the same attack.
The exploit can also be triggered by importing the malicious file from a remote location.

Further details at:
