Executive Summary
Summary | |
---|---|
Title | rdesktop security update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0575 | First vendor Publication | 2008-07-24 |
Vendor | RedHat | Last vendor Modification | 2008-07-24 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: An updated rdesktop package that fixes a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: rdesktop is an open source client for Microsoft Windows NT Terminal Server and Microsoft Windows 2000 and 2003 Terminal Services, capable of natively using the Remote Desktop Protocol (RDP) to present the user's NT desktop. No additional server extensions are required. An integer underflow and integer signedness issue were discovered in the rdesktop. If an attacker could convince a victim to connect to a malicious RDP server, the attacker could cause the victim's rdesktop to crash or, possibly, execute an arbitrary code. (CVE-2008-1801, CVE-2008-1803) Users of rdesktop should upgrade to these updated packages, which contain a backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 445825 - CVE-2008-1801 rdesktop: iso_recv_msg() Integer Underflow Vulnerability 445829 - CVE-2008-1803 rdesktop: channel_process() Integer Signedness Vulnerability |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0575.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11570 | |||
Oval ID: | oval:org.mitre.oval:def:11570 | ||
Title: | Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field. | ||
Description: | Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1801 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17529 | |||
Oval ID: | oval:org.mitre.oval:def:17529 | ||
Title: | USN-646-1 -- rdesktop vulnerabilities | ||
Description: | It was discovered that rdesktop did not properly validate the length of packet headers when processing RDP requests. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-646-1 CVE-2008-1801 CVE-2008-1802 CVE-2008-1803 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | rdesktop |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20140 | |||
Oval ID: | oval:org.mitre.oval:def:20140 | ||
Title: | DSA-1573-1 rdesktop - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in rdesktop, a Remote Desktop Protocol client. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1573-1 CVE-2008-1801 CVE-2008-1802 CVE-2008-1803 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | rdesktop |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21787 | |||
Oval ID: | oval:org.mitre.oval:def:21787 | ||
Title: | ELSA-2008:0575: rdesktop security update (Moderate) | ||
Description: | Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0575-01 CVE-2008-1801 CVE-2008-1803 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | rdesktop |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29234 | |||
Oval ID: | oval:org.mitre.oval:def:29234 | ||
Title: | RHSA-2008:0575 -- rdesktop security update (Moderate) | ||
Description: | An updated rdesktop package that fixes a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. rdesktop is an open source client for Microsoft Windows NT Terminal Server and Microsoft Windows 2000 and 2003 Terminal Services, capable of natively using the Remote Desktop Protocol (RDP) to present the user's NT desktop. No additional server extensions are required. An integer underflow and integer signedness issue were discovered in the rdesktop. If an attacker could convince a victim to connect to a malicious RDP server, the attacker could cause the victim's rdesktop to crash or, possibly, execute an arbitrary code. (CVE-2008-1801, CVE-2008-1803) Users of rdesktop should upgrade to these updated packages, which contain a backported patches to resolve these issues. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0575 CESA-2008:0575-CentOS 5 CVE-2008-1801 CVE-2008-1803 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | rdesktop |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7976 | |||
Oval ID: | oval:org.mitre.oval:def:7976 | ||
Title: | DSA-1573 rdesktop -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in rdesktop, a Remote Desktop Protocol client. The Common Vulnerabilities and Exposures project identifies the following problems: Remote exploitation of an integer underflow vulnerability allows attackers to execute arbitrary code with the privileges of the logged-in user. Remote exploitation of a BSS overflow vulnerability allows attackers to execute arbitrary code with the privileges of the logged-in user. Remote exploitation of an integer signedness vulnerability allows attackers to execute arbitrary code with the privileges of the logged-in user. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1573 CVE-2008-1801 CVE-2008-1802 CVE-2008-1803 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | rdesktop |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9800 | |||
Oval ID: | oval:org.mitre.oval:def:9800 | ||
Title: | Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher. | ||
Description: | Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1803 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2009-04-09 | Name : Mandriva Update for rdesktop MDVSA-2008:101 (rdesktop) File : nvt/gb_mandriva_MDVSA_2008_101.nasl |
2009-03-23 | Name : Ubuntu Update for rdesktop vulnerabilities USN-646-1 File : nvt/gb_ubuntu_USN_646_1.nasl |
2009-03-06 | Name : RedHat Update for rdesktop RHSA-2008:0575-01 File : nvt/gb_RHSA-2008_0575-01_rdesktop.nasl |
2009-03-06 | Name : RedHat Update for rdesktop RHSA-2008:0576-01 File : nvt/gb_RHSA-2008_0576-01_rdesktop.nasl |
2009-03-06 | Name : RedHat Update for rdesktop RHSA-2008:0725-01 File : nvt/gb_RHSA-2008_0725-01_rdesktop.nasl |
2009-02-27 | Name : CentOS Update for rdesktop CESA-2008:0576 centos3 i386 File : nvt/gb_CESA-2008_0576_rdesktop_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for rdesktop CESA-2008:0576 centos3 x86_64 File : nvt/gb_CESA-2008_0576_rdesktop_centos3_x86_64.nasl |
2009-02-17 | Name : Fedora Update for rdesktop FEDORA-2008-3886 File : nvt/gb_fedora_2008_3886_rdesktop_fc9.nasl |
2009-02-17 | Name : Fedora Update for rdesktop FEDORA-2008-3917 File : nvt/gb_fedora_2008_3917_rdesktop_fc8.nasl |
2009-02-17 | Name : Fedora Update for rdesktop FEDORA-2008-3985 File : nvt/gb_fedora_2008_3985_rdesktop_fc7.nasl |
2009-01-23 | Name : SuSE Update for openwsman SUSE-SA:2008:041 File : nvt/gb_suse_2008_041.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200806-04 (rdesktop) File : nvt/glsa_200806_04.nasl |
2008-05-27 | Name : Debian Security Advisory DSA 1573-1 (rdesktop) File : nvt/deb_1573_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-148-01 rdesktop File : nvt/esoft_slk_ssa_2008_148_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44945 | rdesktop channel_process() Integer Signedness Remote Code Execution |
44943 | rdesktop RDP Request iso_recv_msg() Function Underflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0576.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0575.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080724_rdesktop_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080724_rdesktop_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080416_rdesktop_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0575.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2008-101.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-646-1.nasl - Type : ACT_GATHER_INFO |
2008-08-15 | Name : The remote openSUSE host is missing a security update. File : suse_rdesktop-5271.nasl - Type : ACT_GATHER_INFO |
2008-08-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_rdesktop-5272.nasl - Type : ACT_GATHER_INFO |
2008-07-28 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0576.nasl - Type : ACT_GATHER_INFO |
2008-07-25 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0575.nasl - Type : ACT_GATHER_INFO |
2008-07-25 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0576.nasl - Type : ACT_GATHER_INFO |
2008-07-25 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0725.nasl - Type : ACT_GATHER_INFO |
2008-06-16 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200806-04.nasl - Type : ACT_GATHER_INFO |
2008-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-148-01.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3985.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3917.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3886.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1573.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:48 |
|