USN-646-1: rdesktop vulnerabilities

Releases

• Ubuntu 8.04
• Ubuntu 7.10
• Ubuntu 7.04
• Ubuntu 6.06

Packages

• rdesktop -

Details

It was discovered that rdesktop did not properly validate the length
of packet headers when processing RDP requests. If a user were tricked
into connecting to a malicious server, an attacker could cause a
denial of service or possible execute arbitrary code with the
privileges of the user. (CVE-2008-1801)

Multiple buffer overflows were discovered in rdesktop when processing
RDP redirect requests. If a user were tricked into connecting to a
malicious server, an attacker could cause a denial of service or
possible execute arbitrary code with the privileges of the user.
(CVE-2008-1802)

It was discovered that rdesktop performed a signed integer comparison
when reallocating dynamic buffers which could result in a heap-based
overflow. If a user were tricked into connecting to a malicious
server, an attacker could cause a denial of service or possible
execute arbitrary code with the privileges of the user.
(CVE-2008-1802)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 8.04

• rdesktop - 1.5.0-3+cvs20071006ubuntu0.1

Ubuntu 7.10

• rdesktop - 1.5.0-2ubuntu0.1

Ubuntu 7.04

• rdesktop - 1.5.0-1ubuntu1.1

Ubuntu 6.06

• rdesktop - 1.4.1-1.1ubuntu0.6.06.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

References

• CVE-2008-1802
• CVE-2008-1803
• CVE-2008-1801