[SECURITY] [DSA 4394-1] rdesktop security update

2019-02-1821:24:22

lists.debian.org

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.8%

JSON

Debian Security Advisory DSA-4394-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
February 18, 2019 https://www.debian.org/security/faq

Package : rdesktop
CVE ID : CVE-2018-8791 CVE-2018-8792 CVE-2018-8793 CVE-2018-8794
CVE-2018-8795 CVE-2018-8796 CVE-2018-8797 CVE-2018-8798
CVE-2018-8799 CVE-2018-8800 CVE-2018-20174
CVE-2018-20175 CVE-2018-20176 CVE-2018-20177
CVE-2018-20178 CVE-2018-20179 CVE-2018-20180
CVE-2018-20181 CVE-2018-20182

Multiple security issues were found in the rdesktop RDP client, which
could result in denial of service, information disclosure and the
execution of arbitrary code.

For the stable distribution (stretch), these problems have been fixed in
version 1.8.4-1~deb9u1.

We recommend that you upgrade your rdesktop packages.

For the detailed security status of rdesktop please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/rdesktop

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian9armhfrdesktop< 1.8.4-1~deb9u1rdesktop_1.8.4-1~deb9u1_armhf.deb
Debian9mipselrdesktop< 1.8.4-1~deb9u1rdesktop_1.8.4-1~deb9u1_mipsel.deb
Debian8armhfrdesktop< 1.8.4-0+deb8u1rdesktop_1.8.4-0+deb8u1_armhf.deb
Debian9mips64elrdesktop< 1.8.4-1~deb9u1rdesktop_1.8.4-1~deb9u1_mips64el.deb
Debian9armelrdesktop< 1.8.4-1~deb9u1rdesktop_1.8.4-1~deb9u1_armel.deb
Debian9amd64rdesktop< 1.8.4-1~deb9u1rdesktop_1.8.4-1~deb9u1_amd64.deb
Debian9ppc64elrdesktop< 1.8.4-1~deb9u1rdesktop_1.8.4-1~deb9u1_ppc64el.deb
Debian9s390xrdesktop< 1.8.4-1~deb9u1rdesktop_1.8.4-1~deb9u1_s390x.deb
Debian8allrdesktop< 1.8.4-0+deb8u1rdesktop_1.8.4-0+deb8u1_all.deb
Debian9mipsrdesktop< 1.8.4-1~deb9u1rdesktop_1.8.4-1~deb9u1_mips.deb

OS	Version	Architecture	Package	Version	Filename
Debian	9	armhf	rdesktop	< 1.8.4-1~deb9u1	rdesktop_1.8.4-1~deb9u1_armhf.deb
Debian	9	mipsel	rdesktop	< 1.8.4-1~deb9u1	rdesktop_1.8.4-1~deb9u1_mipsel.deb
Debian	8	armhf	rdesktop	< 1.8.4-0+deb8u1	rdesktop_1.8.4-0+deb8u1_armhf.deb
Debian	9	mips64el	rdesktop	< 1.8.4-1~deb9u1	rdesktop_1.8.4-1~deb9u1_mips64el.deb
Debian	9	armel	rdesktop	< 1.8.4-1~deb9u1	rdesktop_1.8.4-1~deb9u1_armel.deb
Debian	9	amd64	rdesktop	< 1.8.4-1~deb9u1	rdesktop_1.8.4-1~deb9u1_amd64.deb
Debian	9	ppc64el	rdesktop	< 1.8.4-1~deb9u1	rdesktop_1.8.4-1~deb9u1_ppc64el.deb
Debian	9	s390x	rdesktop	< 1.8.4-1~deb9u1	rdesktop_1.8.4-1~deb9u1_s390x.deb
Debian	8	all	rdesktop	< 1.8.4-0+deb8u1	rdesktop_1.8.4-0+deb8u1_all.deb
Debian	9	mips	rdesktop	< 1.8.4-1~deb9u1	rdesktop_1.8.4-1~deb9u1_mips.deb