Full Disclosure mailing list archives

Dameware critical hole


From: <ad () class101 org>
Date: Wed, 31 Aug 2005 21:54:20 +0100

I haven't noticed any warning about this, but someone posted that POC to my forum and is confirming that it works. It is
urgent to update your DameWare .....

/************************************************************************************************ 
* _ ______ 
* (_)___ ____ ____ / ____/ 
* / / __ \/ __ \/ __ \/___ \ 
* / / /_/ / / / / /_/ /___/ / 
* __/ / .___/_/ /_/\____/_____/ 
* /___/_/====================== 
************************************************************************************************* 
* 
* DameWare Mini Remote Control Client Agent Service 
* Another Pre-Authentication Buffer Overflow 
* By Jackson Pollocks No5 
* www.jpno5.com 
* 
* 
* Summary 
* +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 
* DameWare Mini Remote Control is "A lightweight remote control intended primarily 
* for administrators and help desks for quick and easy deployment without 
* external dependencies and machine reboot. 
* 
* Developed specifically for the 32-bit Windows environment (Windows 95/98/Me/NT/2000/XP), 
* DameWare Mini Remote Control is capable of using the Windows challenge/response authentication 
* and is able to be run as both an application and a service. 
* 
* Some additional features include View Only, Cursor control, Remote Clipboard, Performance Settings, 
* Inactivity control, TCP only, Service Installation and Ping." 
* 
* A buffer overflow vulnerability can be exploited remotely by an unauthenticated attacker 
* who can access the DameWare Mini Remote Control Server. 
* 
* By default (DameWare Remote Control Server) DWRCS listens on port 6129 TCP. 
* An attacker can construct a specially crafted packet and exploit this vulnerability. 
* The vulnerability is caused by insecure calls to the lstrcpyA function when checking the username. 
* 
* 
* Severity: Critical 
* 
* Impact: Code Execution 
* 
* Local: Yes 
* 
* Remote: Yes 
* 
* Patch: Download version 4.9.0 or later and install over your existing installation. 
* You can download the latest version of your DameWare Development Product at 
* http://www.dameware.com/download 
* 
* Details: Affected versions will be any version above 4.0 and prior to 4.9 
* of the Mini Remote Client Agent Service (dwrcs.exe). 
* 
* Discovery: I discovered this while using the DameWare Mini Remote Control client. 
* I accidentally pasted in a large string of text instead of my username. 
* Clicking connect led to a remote crash of the application server. 
* 
* Credits: Can't really remember whose shellcode I used, more than likely it was 
* written by Brett Moore. 
* 
* The egghunter was written by MMiller(skape). {Which kicks ass btw} 
* 
* Thanks to spoonm for tracking that NtAccessCheckAndAuditAlarm 
* universal syscall down. 
* 
* Some creds to Adik as well, I did code my own exploit but it had none 
* of that fancy shit like OS and SP detection. So basically I just modded 
* the payload from the old DameWare exploit (ver 3.72). 
* 
* A little cred to me as well, after all I did put all them guys' great 
* work together to make something decent 
* 
************************************************************************************/ 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
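The advisory above attributes the overflow to unbounded lstrcpyA calls on the username. As an added illustration (not DWRCS code or anything from the advisory's author), here is that bug class next to a bounded replacement; USERNAME_MAX, the compared account name and the two check_username_* functions are assumptions made for the example.

```c
/* Added illustration (not DWRCS code): the advisory's bug class, an unbounded
 * lstrcpyA() of an attacker-controlled username into a fixed stack buffer,
 * next to a bounded replacement. USERNAME_MAX, the expected account name and
 * both check_username_* functions are assumptions for illustration. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define USERNAME_MAX 32          /* assumed fixed-size destination buffer */

#ifdef _WIN32
#include <windows.h>             /* real lstrcpyA */
#else
#define lstrcpyA strcpy          /* same unbounded semantics off Windows */
#endif

/* Vulnerable pattern: lstrcpyA copies until the NUL byte with no regard for
 * sizeof name, so a username longer than USERNAME_MAX - 1 bytes runs past
 * the buffer and corrupts the stack before authentication ever happens. */
int check_username_unsafe(const char *wire_name)
{
    char name[USERNAME_MAX];
    lstrcpyA(name, wire_name);   /* no length check */
    return strcmp(name, "admin") == 0;
}

/* Hardened form: the field length comes from the packet framing, the copy is
 * bounded by the destination, and oversize input is rejected rather than
 * truncated. Returns 1 on match, 0 on mismatch, -1 on an oversize field. */
int check_username_safe(const char *wire_name, size_t wire_len)
{
    char name[USERNAME_MAX];
    const char *nul = memchr(wire_name, '\0', wire_len);
    size_t n = nul ? (size_t)(nul - wire_name) : wire_len;

    if (n >= sizeof name)
        return -1;               /* would not fit: treat as protocol error */
    memcpy(name, wire_name, n);
    name[n] = '\0';
    return strcmp(name, "admin") == 0;
}

int main(void)
{
    char big[64];                /* constructed oversize username field */
    memset(big, 'A', sizeof big);
    printf("safe(admin)=%d safe(guest)=%d safe(64xA)=%d\n",
           check_username_safe("admin", 5),
           check_username_safe("guest", 5),
           check_username_safe(big, sizeof big));
    return 0;
}
```

The -1 path is where a patched service should drop the connection and log the event; the same length check is what a protocol-aware sensor in front of port 6129 would apply to the username field.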
