CVE-2019-3957
Published 2019-06-07
CVE-2019-3957: Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating…
Priority P3 · 53 · high · 7.4 CVSS 3.1
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS 25.59% (97.7th percentile)
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating RsaSignatureLen during key negotiation, which could crash the application or leak sensitive information.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| solarwinds | dameware_mini_remote_control | <= 12.1.0.34 | — |
CVSS provenance
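| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.4 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H |
| nvd | v2.0 | 5.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:P |
| osv | — | 4.4 | MEDIUM | — |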
GHSA
GHSA-r8ch-wqmp-x6mp: Dameware Remote Mini Control version 12
ghsa_unreviewed·2022-05-24
CVE-2019-3957 [HIGH] CWE-125 GHSA-r8ch-wqmp-x6mp: Dameware Remote Mini Control version 12
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating RsaSignatureLen during key negotiation, which could crash the application or leak sensitive information.
OSV
mariadb-10.1 vulnerabilities
osv·2019-06-05·CVSS 4.4
CVE-2019-2614 mariadb-10.1 vulnerabilities
USN-3957-1 fixed multiple vulnerabilities in MySQL. This update provides the
corresponding fixes for CVE-2019-2614 and CVE-2019-2627 in MariaDB 10.1.
Ubuntu 18.04 LTS has been updated to MariaDB 10.1.40.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://mariadb.com/kb/en/library/mariadb-10140-changelog/
https://mariadb.com/kb/en/library/mariadb-10140-release-notes/
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
a new upstream MySQL version to fix these issues.
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04 have
been updated to MySQL 5.7.26.
In addition to se
OSV
mariadb-5.5 vulnerabilities
osv·2019-05-23·CVSS 4.4
CVE-2019-2614 mariadb-5.5 vulnerabilities
USN-3957-1 fixed multiple vulnerabilities in MySQL. This update provides the
corresponding fixes for CVE-2019-2614 and CVE-2019-2627 in MariaDB 5.5.
Ubuntu 14.04 LTS has been updated to MariaDB 5.5.64.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://mariadb.com/kb/en/library/mariadb-5564-changelog/
https://mariadb.com/kb/en/library/mariadb-5564-release-notes/
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
a new upstream MySQL version to fix these issues.
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04 have
been updated to MySQL 5.7.26.
In addition to securi
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2019-06-07