Debian DSA-1573-1 : rdesktop - several vulnerabilities

NASLDB: Debian DSA-1573-1 : rdesktop - several vulnerabilities

General

ID: 32307
Name: Debian DSA-1573-1 : rdesktop – several vulnerabilities

Summary: Checks dpkg output for the updated package

Credits: –

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –

Port: 0
Family: Debian Local Security Checks
Type: Local

Description

Several remote vulnerabilities have been discovered in rdesktop, a
Remote Desktop Protocol client. The Common Vulnerabilities and
Exposures project identifies the following problems :

– CVE-2008-1801
Remote exploitation of an integer underflow
vulnerability allows attackers to execute arbitrary code
with the privileges of the logged-in user.

– CVE-2008-1802
Remote exploitation of a BSS overflow vulnerability
allows attackers to execute arbitrary code with the
privileges of the logged-in user.

– CVE-2008-1803
Remote exploitation of an integer signedness
vulnerability allows attackers to execute arbitrary code
with the privileges of the logged-in user.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2008-1801
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: –
Patch Release: 2008/05/11
Plugin Release: 2008/05/13

Plugin

Version: 1.8
Filename: debian_DSA-1573.nasl
Filesize: 3973 bytes
MD5 Hash: dab3ff373f77e5e3a76997ac7e4f206b

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l
Dependencies: "ssh_get_info.nasl"

Letzte Plugins

Letzte Plugins

scip AG