Detections
Analytics
GLSA-200806-04 : rdesktop: Multiple vulnerabilities
high Nessus Plugin ID 33189
Synopsis
The remote Gentoo host is missing one or more security-related patches.Description
The remote host is affected by the vulnerability described in GLSA-200806-04 (rdesktop: Multiple vulnerabilities)An anonymous researcher reported multiple vulnerabilities in rdesktop via iDefense Labs:
An integer underflow error exists in the function iso_recv_msg() in the file iso.c which can be triggered via a specially crafted RDP request, causing a heap-based buffer overflow (CVE-2008-1801).
An input validation error exists in the function process_redirect_pdu() in the file rdp.c which can be triggered via a specially crafted RDP redirect request, causing a BSS-based buffer overflow (CVE-2008-1802).
An integer signedness error exists in the function xrealloc() in the file rdesktop.c which can be be exploited to cause a heap-based buffer overflow (CVE-2008-1803).
Impact :
An attacker could exploit these vulnerabilities by enticing a user to connect to a malicious RDP server thereby allowing the attacker to execute arbitrary code or cause a Denial of Service.
Workaround :
There is no known workaround at this time.
Solution
All rdesktop users should upgrade to the latest version:# emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/rdesktop-1.6.0'
See Also
Plugin Details
Severity: High
ID: 33189
File Name: gentoo_GLSA-200806-04.nasl
Version: 1.16
Type: local
Family: Gentoo Local Security Checks
Published: 6/16/2008
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 9.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:gentoo:linux:rdesktop, cpe:/o:gentoo:linux
Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list
Patch Publication Date: 6/14/2008