CVE-2008-1802

2008-05-1216:20:00

Debian Security Bug Tracker

security-tracker.debian.org

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.92

Percentile

98.9%

JSON

Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.

OSVersionArchitecturePackageVersionFilename
Debian12allrdesktop< 1.5.0-4+cvs20071006rdesktop_1.5.0-4+cvs20071006_all.deb
Debian11allrdesktop< 1.5.0-4+cvs20071006rdesktop_1.5.0-4+cvs20071006_all.deb
Debian999allrdesktop< 1.5.0-4+cvs20071006rdesktop_1.5.0-4+cvs20071006_all.deb
Debian13allrdesktop< 1.5.0-4+cvs20071006rdesktop_1.5.0-4+cvs20071006_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	rdesktop	< 1.5.0-4+cvs20071006	rdesktop_1.5.0-4+cvs20071006_all.deb
Debian	11	all	rdesktop	< 1.5.0-4+cvs20071006	rdesktop_1.5.0-4+cvs20071006_all.deb
Debian	999	all	rdesktop	< 1.5.0-4+cvs20071006	rdesktop_1.5.0-4+cvs20071006_all.deb
Debian	13	all	rdesktop	< 1.5.0-4+cvs20071006	rdesktop_1.5.0-4+cvs20071006_all.deb