Published: 12/05/2008 Updated: 29/09/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote malicious users to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rdesktop rdesktop 1.5.0

It was discovered that rdesktop did not properly validate the length of packet headers when processing RDP requests If a user were tricked into connecting to a malicious server, an attacker could cause a denial of service or possible execute arbitrary code with the privileges of the user (CVE-2008-1801) ...

Several remote vulnerabilities have been discovered in rdesktop, a Remote Desktop Protocol client The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-1801 Remote exploitation of an integer underflow vulnerability allows attackers to execute arbitrary code with the privileges of the logged-in us ...

Debian Bug report logs - #480133 rdesktop: CVE-2008-1801 remote code execution Package: rdesktop; Maintainer for rdesktop is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for rdesktop is src:rdesktop (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Thu, 8 May 2008 08:54:01 UTC Severity: gra ...

Debian Bug report logs - #480134 rdesktop: CVE-2008-1802 remote code execution via crafted RDP redirect request Package: rdesktop; Maintainer for rdesktop is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for rdesktop is src:rdesktop (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Thu, 8 May ...

Debian Bug report logs - #480135 rdesktop: CVE-2008-1803 integer signedness vulnerability in channel_process() Package: rdesktop; Maintainer for rdesktop is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for rdesktop is src:rdesktop (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Thu, 8 May ...

#!/usr/bin/perl # # labsidefensecom/intelligence/vulnerabilities/displayphp?id=697 use strict; use IO::Socket; my $sock = IO::Socket::INET->new(LocalAddr => '0000', LocalPort => '3389', Listen => 1, Reuse => 1) || die($!); my $evil = "\x03\x00\x01\x47\x02\xf0\x80\x68\x00\x01\x03\xeb\x70\x81\x38" "\x01\x00\x10\x0 ...

CWE-119 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697 http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdp.c?r1=1.101&r2=1.102&pathrev=HEAD http://www.debian.org/security/2008/dsa-1573 http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:101 http://www.securityfocus.com/bid/29097 http://secunia.com/advisories/30118 http://secunia.com/advisories/30248 http://secunia.com/advisories/30713 http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1 http://security.gentoo.org/glsa/glsa-200806-04.xml http://www.ubuntu.com/usn/usn-646-1 http://secunia.com/advisories/31928 http://www.securitytracker.com/id?1019991 http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm http://www.vupen.com/english/advisories/2008/2403 http://www.vupen.com/english/advisories/2008/1467/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42275 https://www.exploit-db.com/exploits/5585 https://nvd.nist.gov https://usn.ubuntu.com/646-1/https://www.exploit-db.com/exploits/5585/

CVE-2008-1802

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect