CVE-2004-1852 — MEDIUM (5.0)

Q: What is CVE-2004-1852?

CVE-2004-1852 is a vulnerability with a CVSS score of 5.0 (MEDIUM). DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information.

Q: How severe is CVE-2004-1852?

CVE-2004-1852 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2004-1852?

Check the references section above for vendor advisories and patch information. Affected products include: Solarwinds Dameware Mini Remote Control.

Vulnerability Description

DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Solarwinds	Dameware Mini Remote Control	>= 3.0, < 3.74

Related Weaknesses (CWE)

CWE-319

References

http://marc.info/?l=bugtraq&m=108016344224973&w=2Mailing ListThird Party Advisory
http://secunia.com/advisories/11205Broken LinkPatchVendor Advisory
http://securitytracker.com/id?1009557Broken LinkThird Party AdvisoryVDB Entry
http://www.dameware.com/support/security/bulletin.asp?ID=SB3ProductVendor Advisory
http://www.osvdb.org/4547Broken LinkVendor Advisory
http://www.securityfocus.com/bid/9959Broken LinkPatchThird Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15586Third Party AdvisoryVDB Entry
http://marc.info/?l=bugtraq&m=108016344224973&w=2Mailing ListThird Party Advisory
http://secunia.com/advisories/11205Broken LinkPatchVendor Advisory
http://securitytracker.com/id?1009557Broken LinkThird Party AdvisoryVDB Entry
http://www.dameware.com/support/security/bulletin.asp?ID=SB3ProductVendor Advisory
http://www.osvdb.org/4547Broken LinkVendor Advisory
http://www.securityfocus.com/bid/9959Broken LinkPatchThird Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15586Third Party AdvisoryVDB Entry

FAQ

What is CVE-2004-1852?

CVE-2004-1852 is a vulnerability with a CVSS score of 5.0 (MEDIUM). DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information.

How severe is CVE-2004-1852?

CVE-2004-1852 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2004-1852?

Check the references section above for vendor advisories and patch information. Affected products include: Solarwinds Dameware Mini Remote Control.