Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1801

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-1801
Last Modified 07 Mar 2011 10:07:39
Published 12 May 2008 12:20:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1801

Summary

Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.

Vulnerable Systems

Application

  • Rdesktop 1.5.0


References

XF - rdesktop-isorecvmsg-code-execution(42272)

VUPEN - ADV-2008-2403

VUPEN - ADV-2008-1467

UBUNTU - USN-646-1

SECTRACK - 1019990

REDHAT - RHSA-2008:0725

REDHAT - RHSA-2008:0576

REDHAT - RHSA-2008:0575

MILW0RM - 5561

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm

SUNALERT - 240708

SLACKWARE - SSA:2008-148-01

GENTOO - GLSA-200806-04

SECUNIA - 31928

SECUNIA - 31224

SECUNIA - 31222

SECUNIA - 30713

SECUNIA - 30380

CONFIRM - http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/iso.c?r1=1.19&r2=1.20&pathrev=HEAD

IDEFENSE - 20080507 Multiple Vendor rdesktop iso_recv_msg() Integer Underflow Vulnerability

BID - 29097

FEDORA - FEDORA-2008-3985

FEDORA - FEDORA-2008-3917

FEDORA - FEDORA-2008-3886

MANDRIVA - MDVSA-2008:101

DEBIAN - DSA-1573

SECUNIA - 30248

SECUNIA - 30118


Last Updated: 27 May 2016 10:47:40