CVE-2008-1802

Published: 12 May 2008

Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.

Notes

Author	Note
jdstrand	1.5 only

Priority

Status

Package	Release	Status
rdesktop Launchpad, Ubuntu, Debian	dapper	Not vulnerable
	feisty	Released (1.5.0-1ubuntu1.1)
	gutsy	Released (1.5.0-2ubuntu0.1)
	hardy	Released (1.5.0-3+cvs20071006ubuntu0.1)
	upstream	Released (1.5.0-4+cvs20071006)
	Patches: vendor: http://www.debian.org/security/2008/dsa-1573

References

https://ubuntu.com/security/notices/USN-646-1
https://www.cve.org/CVERecord?id=CVE-2008-1802
NVD
Launchpad
Debian

Bugs

https://bugs.launchpad.net/ubuntu/+source/rdesktop/+bug/228193

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›