CVE-2004-1852

Description

DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information.

Affected products

• SolarWinds / dameware_mini_remote_control3.0 – 3.74

References

• MISChttp://www.dameware.com/support/security/bulletin.asp?ID=SB3
• MAILING_LISThttp://marc.info/?l=bugtraq&m=108016344224973&w=2
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/15586
• MISChttp://securitytracker.com/id?1009557
• MISChttp://www.osvdb.org/4547
• VENDOR_ADVISORYhttp://secunia.com/advisories/11205
• MISChttp://www.securityfocus.com/bid/9959