Launchpad CVE tracker

CVE 2008-1803

Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.

Related bugs and status

CVE-2008-1803 (Candidate) is related to these bugs:

Bug #228193: rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]

		In	Importance	Status
228193	rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]	rdesktop (Ubuntu)	Undecided	Fix Released
228193	rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]	rdesktop (Ubuntu Dapper)	Undecided	Fix Released
228193	rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]	rdesktop (Ubuntu Feisty)	Undecided	Fix Released
228193	rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]	rdesktop (Ubuntu Gutsy)	Undecided	Fix Released
228193	rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]	rdesktop (Ubuntu Hardy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

IDEFENSE: 20080507 Multiple Vend...
CONFIRM: http://sourceforge.net...
DEBIAN: DSA-1573
BID: 29097
SECTRACK: 1019992
SECUNIA: 30118
FEDORA: FEDORA-2008-3886
FEDORA: FEDORA-2008-3917
FEDORA: FEDORA-2008-3985
SECUNIA: 30248
MANDRIVA: MDVSA-2008:101
GENTOO: GLSA-200806-04
SECUNIA: 30713
REDHAT: RHSA-2008:0575
SECUNIA: 31224
SUNALERT: 240708
UBUNTU: USN-646-1
SECUNIA: 31928
CONFIRM: http://support.avaya.c...
VUPEN: ADV-2008-1467
VUPEN: ADV-2008-2403
CONFIRM: http://rdesktop.cvs.so...
XF: rdesktop-xrealloc-bo(4...
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2008-1803

Related bugs and status

Related bugs

References