Launchpad CVE tracker

CVE 2008-1801

Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.

Related bugs and status

CVE-2008-1801 (Candidate) is related to these bugs:

Bug #228193: rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]

		In	Importance	Status
228193	rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]	rdesktop (Ubuntu)	Undecided	Fix Released
228193	rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]	rdesktop (Ubuntu Dapper)	Undecided	Fix Released
228193	rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]	rdesktop (Ubuntu Feisty)	Undecided	Fix Released
228193	rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]	rdesktop (Ubuntu Gutsy)	Undecided	Fix Released
228193	rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]	rdesktop (Ubuntu Hardy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

IDEFENSE: 20080507 Multiple Vend...
DEBIAN: DSA-1573
BID: 29097
SECTRACK: 1019990
SECUNIA: 30118
FEDORA: FEDORA-2008-3886
FEDORA: FEDORA-2008-3917
FEDORA: FEDORA-2008-3985
SECUNIA: 30248
MANDRIVA: MDVSA-2008:101
SECUNIA: 30380
GENTOO: GLSA-200806-04
SECUNIA: 30713
REDHAT: RHSA-2008:0575
REDHAT: RHSA-2008:0576
REDHAT: RHSA-2008:0725
SECUNIA: 31222
SECUNIA: 31224
SUNALERT: 240708
UBUNTU: USN-646-1
SECUNIA: 31928
CONFIRM: http://support.avaya.c...
VUPEN: ADV-2008-1467
VUPEN: ADV-2008-2403
CONFIRM: http://rdesktop.cvs.so...
SLACKWARE: SSA:2008-148-01
XF: rdesktop-isorecvmsg-co...
EXPLOIT-DB: 5561
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2008-1801

Related bugs and status

Related bugs

References