Lucene search

K
osvGoogleOSV:DSA-1573-1
HistoryMay 11, 2008 - 12:00 a.m.

rdesktop - several vulnerabilities

2008-05-1100:00:00
Google
osv.dev
9

0.959 High

EPSS

Percentile

99.5%

Several remote vulnerabilities have been discovered in rdesktop, a
Remote Desktop Protocol client. The Common Vulnerabilities and
Exposures project identifies the following problems:

  • CVE-2008-1801
    Remote exploitation of an integer underflow vulnerability allows
    attackers to execute arbitrary code with the privileges of the
    logged-in user.
  • CVE-2008-1802
    Remote exploitation of a BSS overflow vulnerability allows
    attackers to execute arbitrary code with the privileges of the
    logged-in user.
  • CVE-2008-1803
    Remote exploitation of an integer signedness vulnerability allows
    attackers to execute arbitrary code with the privileges of the
    logged-in user.

For the stable distribution (etch), these problems have been fixed in
version 1.5.0-1etch2.

For the unstable distribution (sid), these problems have been fixed in
version 1.5.0-4+cvs20071006.

We recommend that you upgrade your rdesktop package.

CPENameOperatorVersion
rdesktopeq1.5.0-1
rdesktopeq1.5.0-1etch1