[Dshield] Holiday Announcement
clewis at iquest.net
Fri Dec 26 16:06:57 GMT 2003
Yep - I would hope that anyone using a utility like this is several steps
above a regular user and would keep things up to date as that exploit hits
older versions. It is an INCREDIBLE utility.
Here is what I got back from Tech Support just now:
"Possible" affected versions would be anything prior to version 188.8.131.52.
At this time, there are no known security issues in version 184.108.40.206 or
version 4.0 of the DameWare NT Utilities and DameWare Mini Remote Control
programs. There was a "possible" Buffer Overflow issue in older versions of
the Mini Remote Client Agent Service that was recently brought to our
attention. Although we could not duplicate the "Buffer Overflow" issue, we
were able to successfully crash the Client Agent Service and therefore we
immediately resolved this issue with the release of version 220.127.116.11, which
can be downloaded from our website at http://www.dameware.com/download.
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On Behalf
Of Johannes B. Ullrich
Sent: Friday, December 26, 2003 9:50 AM
To: General DShield Discussion List
Subject: RE: [Dshield] Holiday Announcement
:-(... lets hope they are patched. I guess I figured that since
I haven't heard of it before, it wasn't used much.
Regarding the exploit, see:
CTO SANS Internet Storm Center http://isc.sans.org
phone: (617) 786 1563
fax: (617) 786 1550 jullrich at sans.org
More information about the list