3 matches found
openSUSE Security Update : xrdp (xrdp-458)
This update fixes multiple buffer overflows that can be exploited remotely to execute arbitrary code. CVE-2008-5902, CVE-2008-5903, CVE-2008-5904 Additionally xrdp does not register remote session as local anymore. Please note, the previous update was missing the patch. %NASLMINLEVEL 70300 C...
CVE-2008-5903
Array index error in the xrdpbitmapdefproc function in xrdp/funcs.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via vectors that manipulate the value of the editpos structure member...
CVE-2008-5903
The CVE-2008-5903 entry applies to xrdp, specifically versions up to 0.4.1, where an array index error in xrdp_bitmap_def_proc (xrdp/funcs.c) can allow a remote attacker to execute arbitrary code by manipulating the edit_pos member. The connected SUSE update notes that a patch (xrdp-458) fixes mu...