Several remote vulnerabilities have been discovered in rdesktop, a
Remote Desktop Protocol client. The Common Vulnerabilities and
Exposures project identifies the following problems:
- CVE-2008-1801
Remote exploitation of an integer underflow vulnerability allows
attackers to execute arbitrary code with the privileges of the
logged-in user.
- CVE-2008-1802
Remote exploitation of a BSS overflow vulnerability allows
attackers to execute arbitrary code with the privileges of the
logged-in user.
- CVE-2008-1803
Remote exploitation of an integer signedness vulnerability allows
attackers to execute arbitrary code with the privileges of the
logged-in user.
For the stable distribution (etch), these problems have been fixed in
version 1.5.0-1etch2.
For the unstable distribution (sid), these problems have been fixed in
version 1.5.0-4+cvs20071006.
We recommend that you upgrade your rdesktop package.