[show
ascii data]
Port Information
| Protocol |
Service |
Name |
| tcp |
dameware |
Dameware Remote Admin |
[get complete service list]
User Comments
| Submitted By |
Date |
| Comment |
| Nick FitzGerald |
2005-09-13 02:06:58 |
| Spike 31 Aug thru early September 2005 probably due to remotely
exploitable login username buffer overflow in DameWare Mini
Remote Control Client Agent Service (dwrcs.exe):
http://www.frsirt.com/english/advisories/2005/1596
Reported to affect 4.0 thru, but not including, 4.9.0.
Various versions of this agent are often surreptitiously
installed by malware as a backdoor, so random scanning may
turn up more installations than might otherwise be expected.
|
| ChrisA |
2004-04-28 00:21:35 |
| There is at least one known buffer overflow vulnerablity in versions prior to 3.73. This vulnerablity may permit an unauthenticated attacker from executing code on your system. |
| Jerry Davis |
2004-01-03 07:35:13 |
| I have also seen quite a few successful entries via this port from dameware mini r/c. It also seems to be connected to slim FTP that shows up at the same time of infection. |
| Andreas |
2003-12-22 23:18:25 |
| Probably related to http://www.securiteam.com/windowsntfocus/6N00B1P95I.html
and/or http://www.k-otik.com/exploits/08.13.nfm-shatterdame.c.php.
I've seen multiple successful intrusions via this service today. |
| Davis Ray Sickmon, Jr |
2003-12-22 07:41:30 |
| Normally associated with DameWare and DameWare mini-RC, a remote control agent. |
Add a comment
CVE Links
| CVE # |
Description |
