This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing a security update.
An integer underflow vulnerability was discovered in the rdesktop. If
an attacker could convince a victim to connect to a malicious RDP
server, the attacker could cause the victim's rdesktop to crash or,
possibly, execute an arbitrary code. (CVE-2008-1801)
Additionally, the following bug was fixed :
A missing command line option caused rdesktop to fail when using the
krdc remote desktop utility. Using krdc to connect to a terminal
server resulted in errors such as the following :
The version of rdesktop you are using ([version]) is too old :
rdesktop [version] or greater is required. A working patch for
rdesktop [version] can be found in KDE CVS.
In this updated package, krdc successfully connects to terminal
See also :
Update the affected rdesktop package.
Risk factor :
High / CVSS Base Score : 9.3
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60384 ()
CVE ID: CVE-2008-1801
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.