Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2008-AVI-322
Vulnerability from certfr_avis
Une vulnérabilité permettant l'exécution de code arbitraire affecte rdesktop lors du traitement des requêtes RDP.
Description
rdesktop est un client permettant aux utilisateurs de systèmes de type Unix de se connecter au Windows Terminal Server et d'accéder graphiquement et à distance à leur bureau Windows. La vulnérabilité, de type débordement de mémoire, affecte une fonction utilisée pour le traitement des requêtes RDP.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
rdesktop version 1.5 et antérieures
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cSPAN class=\"textit\"\u003erdesktop\u003c/SPAN\u003e version 1.5 et ant\u00e9rieures",
"content": "## Description\n\nrdesktop est un client permettant aux utilisateurs de syst\u00e8mes de type\nUnix de se connecter au Windows Terminal Server et d\u0027acc\u00e9der\ngraphiquement et \u00e0 distance \u00e0 leur bureau Windows. La vuln\u00e9rabilit\u00e9, de\ntype d\u00e9bordement de m\u00e9moire, affecte une fonction utilis\u00e9e pour le\ntraitement des requ\u00eates RDP.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-1802",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1802"
},
{
"name": "CVE-2008-1801",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1801"
},
{
"name": "CVE-2008-1803",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1803"
}
],
"initial_release_date": "2008-06-17T00:00:00",
"last_revision_date": "2008-06-17T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2008:101 du 16 mai 2008 :",
"url": "http://www.mandriva.com/archives/security/advisories"
},
{
"title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Fedora Core 3886 du 14 mai 2008 :",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 iDefense 696 du 07 mai 2008 :",
"url": "http://www.idefense.com/ntelligence/vulnerabilities/display.php?id=696"
},
{
"title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Fedora Core 3917 du 14 mai 2008 :",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"
},
{
"title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Fedora Core 3985 du 14 mai 2008 :",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1573 du 11 mai 2008 :",
"url": "http://www.debian.org/security/2008/dsa-1573"
}
],
"reference": "CERTA-2008-AVI-322",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-06-17T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 permettant l\u0027ex\u00e9cution de code arbitraire affecte\nrdesktop lors du traitement des requ\u00eates RDP.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans rdesktop",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de mise \u00e0 jour du 10 mai 2008",
"url": null
}
]
}
CVE-2008-1802 (GCVE-0-2008-1802)
Vulnerability from cvelistv5
Published
2008-05-12 16:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30118"
},
{
"name": "USN-646-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-646-1"
},
{
"name": "GLSA-200806-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"
},
{
"name": "1019991",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019991"
},
{
"name": "FEDORA-2008-3917",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"
},
{
"name": "20080507 Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697"
},
{
"name": "30713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30713"
},
{
"name": "DSA-1573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1573"
},
{
"name": "FEDORA-2008-3886",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"
},
{
"name": "rdesktop-processredirectpdu-bo(42275)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42275"
},
{
"name": "ADV-2008-2403",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2403"
},
{
"name": "FEDORA-2008-3985",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"
},
{
"name": "29097",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29097"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdp.c?r1=1.101\u0026r2=1.102\u0026pathrev=HEAD"
},
{
"name": "240708",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"
},
{
"name": "ADV-2008-1467",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1467/references"
},
{
"name": "MDVSA-2008:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"
},
{
"name": "5585",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5585"
},
{
"name": "30248",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30248"
},
{
"name": "31928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31928"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30118"
},
{
"name": "USN-646-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-646-1"
},
{
"name": "GLSA-200806-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"
},
{
"name": "1019991",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019991"
},
{
"name": "FEDORA-2008-3917",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"
},
{
"name": "20080507 Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697"
},
{
"name": "30713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30713"
},
{
"name": "DSA-1573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1573"
},
{
"name": "FEDORA-2008-3886",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"
},
{
"name": "rdesktop-processredirectpdu-bo(42275)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42275"
},
{
"name": "ADV-2008-2403",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2403"
},
{
"name": "FEDORA-2008-3985",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"
},
{
"name": "29097",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29097"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdp.c?r1=1.101\u0026r2=1.102\u0026pathrev=HEAD"
},
{
"name": "240708",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"
},
{
"name": "ADV-2008-1467",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1467/references"
},
{
"name": "MDVSA-2008:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"
},
{
"name": "5585",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5585"
},
{
"name": "30248",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30248"
},
{
"name": "31928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31928"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30118",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30118"
},
{
"name": "USN-646-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-646-1"
},
{
"name": "GLSA-200806-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"
},
{
"name": "1019991",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019991"
},
{
"name": "FEDORA-2008-3917",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"
},
{
"name": "20080507 Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697"
},
{
"name": "30713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30713"
},
{
"name": "DSA-1573",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1573"
},
{
"name": "FEDORA-2008-3886",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"
},
{
"name": "rdesktop-processredirectpdu-bo(42275)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42275"
},
{
"name": "ADV-2008-2403",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2403"
},
{
"name": "FEDORA-2008-3985",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"
},
{
"name": "29097",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29097"
},
{
"name": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdp.c?r1=1.101\u0026r2=1.102\u0026pathrev=HEAD",
"refsource": "CONFIRM",
"url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdp.c?r1=1.101\u0026r2=1.102\u0026pathrev=HEAD"
},
{
"name": "240708",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"
},
{
"name": "ADV-2008-1467",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1467/references"
},
{
"name": "MDVSA-2008:101",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"
},
{
"name": "5585",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5585"
},
{
"name": "30248",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30248"
},
{
"name": "31928",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31928"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1802",
"datePublished": "2008-05-12T16:00:00",
"dateReserved": "2008-04-15T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1801 (GCVE-0-2008-1801)
Vulnerability from cvelistv5
Published
2008-05-12 16:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31224"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/iso.c?r1=1.19\u0026r2=1.20\u0026pathrev=HEAD"
},
{
"name": "5561",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5561"
},
{
"name": "30118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30118"
},
{
"name": "USN-646-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-646-1"
},
{
"name": "GLSA-200806-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"
},
{
"name": "FEDORA-2008-3917",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"
},
{
"name": "30713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30713"
},
{
"name": "rdesktop-isorecvmsg-code-execution(42272)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42272"
},
{
"name": "1019990",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019990"
},
{
"name": "SSA:2008-148-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.395286"
},
{
"name": "DSA-1573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1573"
},
{
"name": "FEDORA-2008-3886",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"
},
{
"name": "RHSA-2008:0725",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0725.html"
},
{
"name": "ADV-2008-2403",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2403"
},
{
"name": "FEDORA-2008-3985",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"
},
{
"name": "29097",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29097"
},
{
"name": "240708",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"
},
{
"name": "30380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30380"
},
{
"name": "ADV-2008-1467",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1467/references"
},
{
"name": "MDVSA-2008:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"
},
{
"name": "oval:org.mitre.oval:def:11570",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11570"
},
{
"name": "RHSA-2008:0576",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0576.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"
},
{
"name": "20080507 Multiple Vendor rdesktop iso_recv_msg() Integer Underflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=696"
},
{
"name": "RHSA-2008:0575",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0575.html"
},
{
"name": "30248",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30248"
},
{
"name": "31928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31928"
},
{
"name": "31222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31222"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31224"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/iso.c?r1=1.19\u0026r2=1.20\u0026pathrev=HEAD"
},
{
"name": "5561",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5561"
},
{
"name": "30118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30118"
},
{
"name": "USN-646-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-646-1"
},
{
"name": "GLSA-200806-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"
},
{
"name": "FEDORA-2008-3917",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"
},
{
"name": "30713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30713"
},
{
"name": "rdesktop-isorecvmsg-code-execution(42272)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42272"
},
{
"name": "1019990",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019990"
},
{
"name": "SSA:2008-148-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.395286"
},
{
"name": "DSA-1573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1573"
},
{
"name": "FEDORA-2008-3886",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"
},
{
"name": "RHSA-2008:0725",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0725.html"
},
{
"name": "ADV-2008-2403",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2403"
},
{
"name": "FEDORA-2008-3985",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"
},
{
"name": "29097",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29097"
},
{
"name": "240708",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"
},
{
"name": "30380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30380"
},
{
"name": "ADV-2008-1467",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1467/references"
},
{
"name": "MDVSA-2008:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"
},
{
"name": "oval:org.mitre.oval:def:11570",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11570"
},
{
"name": "RHSA-2008:0576",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0576.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"
},
{
"name": "20080507 Multiple Vendor rdesktop iso_recv_msg() Integer Underflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=696"
},
{
"name": "RHSA-2008:0575",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0575.html"
},
{
"name": "30248",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30248"
},
{
"name": "31928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31928"
},
{
"name": "31222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31222"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1801",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31224",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31224"
},
{
"name": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/iso.c?r1=1.19\u0026r2=1.20\u0026pathrev=HEAD",
"refsource": "CONFIRM",
"url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/iso.c?r1=1.19\u0026r2=1.20\u0026pathrev=HEAD"
},
{
"name": "5561",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5561"
},
{
"name": "30118",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30118"
},
{
"name": "USN-646-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-646-1"
},
{
"name": "GLSA-200806-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"
},
{
"name": "FEDORA-2008-3917",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"
},
{
"name": "30713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30713"
},
{
"name": "rdesktop-isorecvmsg-code-execution(42272)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42272"
},
{
"name": "1019990",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019990"
},
{
"name": "SSA:2008-148-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.395286"
},
{
"name": "DSA-1573",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1573"
},
{
"name": "FEDORA-2008-3886",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"
},
{
"name": "RHSA-2008:0725",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0725.html"
},
{
"name": "ADV-2008-2403",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2403"
},
{
"name": "FEDORA-2008-3985",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"
},
{
"name": "29097",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29097"
},
{
"name": "240708",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"
},
{
"name": "30380",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30380"
},
{
"name": "ADV-2008-1467",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1467/references"
},
{
"name": "MDVSA-2008:101",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"
},
{
"name": "oval:org.mitre.oval:def:11570",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11570"
},
{
"name": "RHSA-2008:0576",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0576.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"
},
{
"name": "20080507 Multiple Vendor rdesktop iso_recv_msg() Integer Underflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=696"
},
{
"name": "RHSA-2008:0575",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0575.html"
},
{
"name": "30248",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30248"
},
{
"name": "31928",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31928"
},
{
"name": "31222",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31222"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1801",
"datePublished": "2008-05-12T16:00:00",
"dateReserved": "2008-04-15T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1803 (GCVE-0-2008-1803)
Vulnerability from cvelistv5
Published
2008-05-12 22:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31224"
},
{
"name": "rdesktop-xrealloc-bo(42277)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42277"
},
{
"name": "30118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30118"
},
{
"name": "USN-646-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-646-1"
},
{
"name": "GLSA-200806-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"
},
{
"name": "FEDORA-2008-3917",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"
},
{
"name": "30713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30713"
},
{
"name": "DSA-1573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1573"
},
{
"name": "1019992",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019992"
},
{
"name": "FEDORA-2008-3886",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"
},
{
"name": "20080507 Multiple Vendor rdesktop channel_process() Integer Signedness Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=698"
},
{
"name": "ADV-2008-2403",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2403"
},
{
"name": "FEDORA-2008-3985",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdesktop.c?r1=1.161\u0026r2=1.162\u0026pathrev=HEAD"
},
{
"name": "29097",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29097"
},
{
"name": "240708",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"
},
{
"name": "ADV-2008-1467",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1467/references"
},
{
"name": "oval:org.mitre.oval:def:9800",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9800"
},
{
"name": "MDVSA-2008:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=20080511065217.GA24455%40cse.unsw.EDU.AU"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"
},
{
"name": "RHSA-2008:0575",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0575.html"
},
{
"name": "30248",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30248"
},
{
"name": "31928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31928"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31224"
},
{
"name": "rdesktop-xrealloc-bo(42277)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42277"
},
{
"name": "30118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30118"
},
{
"name": "USN-646-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-646-1"
},
{
"name": "GLSA-200806-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"
},
{
"name": "FEDORA-2008-3917",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"
},
{
"name": "30713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30713"
},
{
"name": "DSA-1573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1573"
},
{
"name": "1019992",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019992"
},
{
"name": "FEDORA-2008-3886",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"
},
{
"name": "20080507 Multiple Vendor rdesktop channel_process() Integer Signedness Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=698"
},
{
"name": "ADV-2008-2403",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2403"
},
{
"name": "FEDORA-2008-3985",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdesktop.c?r1=1.161\u0026r2=1.162\u0026pathrev=HEAD"
},
{
"name": "29097",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29097"
},
{
"name": "240708",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"
},
{
"name": "ADV-2008-1467",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1467/references"
},
{
"name": "oval:org.mitre.oval:def:9800",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9800"
},
{
"name": "MDVSA-2008:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=20080511065217.GA24455%40cse.unsw.EDU.AU"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"
},
{
"name": "RHSA-2008:0575",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0575.html"
},
{
"name": "30248",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30248"
},
{
"name": "31928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31928"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1803",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31224",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31224"
},
{
"name": "rdesktop-xrealloc-bo(42277)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42277"
},
{
"name": "30118",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30118"
},
{
"name": "USN-646-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-646-1"
},
{
"name": "GLSA-200806-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"
},
{
"name": "FEDORA-2008-3917",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"
},
{
"name": "30713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30713"
},
{
"name": "DSA-1573",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1573"
},
{
"name": "1019992",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019992"
},
{
"name": "FEDORA-2008-3886",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"
},
{
"name": "20080507 Multiple Vendor rdesktop channel_process() Integer Signedness Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=698"
},
{
"name": "ADV-2008-2403",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2403"
},
{
"name": "FEDORA-2008-3985",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"
},
{
"name": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdesktop.c?r1=1.161\u0026r2=1.162\u0026pathrev=HEAD",
"refsource": "CONFIRM",
"url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdesktop.c?r1=1.161\u0026r2=1.162\u0026pathrev=HEAD"
},
{
"name": "29097",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29097"
},
{
"name": "240708",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"
},
{
"name": "ADV-2008-1467",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1467/references"
},
{
"name": "oval:org.mitre.oval:def:9800",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9800"
},
{
"name": "MDVSA-2008:101",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"
},
{
"name": "http://sourceforge.net/mailarchive/message.php?msg_name=20080511065217.GA24455%40cse.unsw.EDU.AU",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=20080511065217.GA24455%40cse.unsw.EDU.AU"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"
},
{
"name": "RHSA-2008:0575",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0575.html"
},
{
"name": "30248",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30248"
},
{
"name": "31928",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31928"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1803",
"datePublished": "2008-05-12T22:00:00",
"dateReserved": "2008-04-15T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…