Dameware Remote Mini Control version 12.1.0.34 and prior contains a unauthenticated remote heap overflow due to the server not properly validating RsaPubKeyLen during key negotiation. An unauthenticated remote attacker can cause a heap buffer overflow by specifying a large RsaPubKeyLen, which could cause a denial of service.
[
{
"product": "Solarwinds Dameware Remote Mini Controller",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 12.1.0.34"
}
]
}
]