AVG-871

Package:  rdesktop
Status:   Fixed
Severity: High
Type:     multiple issues
Affected: 1.8.3-1
Fixed:    1.8.4-1
Current:  1.8.4-1 [community]
Ticket:   FS#61652
Created:  Wed Feb 6 12:50:37 2019
Issue           Severity  Remote  Type
    Description

CVE-2018-8800   High      Yes     Arbitrary code execution
    rdesktop before 1.8.4 is vulnerable to a heap-based buffer overflow in function ui_clip_handle_data() that results in a memory corruption and probably even...
CVE-2018-8799   Medium    Yes     Denial of service
    rdesktop before 1.8.4 is vulnerable to an out-of-bounds read in function process_secondary_order() that results in a denial of service (segfault).
CVE-2018-8798   Medium    Yes     Information disclosure
    rdesktop before 1.8.4 is vulnerable to an out-of-bounds read in function rdpsnd_process_ping() that results in an information leak.
CVE-2018-8797   High      Yes     Arbitrary code execution
    rdesktop before 1.8.4 is vulnerable to a heap-based buffer overflow in function process_plane() that results in a memory corruption and probably even a...
CVE-2018-8796   Medium    Yes     Denial of service
    rdesktop before 1.8.4 is vulnerable to an out-of-bounds read in function process_bitmap_updates() that results in a denial of service (segfault).
CVE-2018-8795   High      Yes     Arbitrary code execution
    rdesktop before 1.8.4 is vulnerable to an integer overflow that leads to a heap-based buffer overflow in function process_bitmap_updates() and results in a...
CVE-2018-8794   High      Yes     Arbitrary code execution
    rdesktop before 1.8.4 is vulnerable to an integer overflow that leads to an out-of-bounds write in function process_bitmap_updates() and results in a memory...
CVE-2018-8793   High      Yes     Arbitrary code execution
    rdesktop before 1.8.4 is vulnerable to a heap-based buffer overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even...
CVE-2018-8792   Medium    Yes     Denial of service
    rdesktop before 1.8.4 is vulnerable to an out-of-bounds read in function cssp_read_tsrequest() that results in a denial of service (segfault).
CVE-2018-8791   Medium    Yes     Information disclosure
    rdesktop before 1.8.4 is vulnerable to an out-of-bounds read in function rdpdr_process() that results in an information leak.
CVE-2018-20182  High      Yes     Arbitrary code execution
    rdesktop before 1.8.4 is vulnerable to remote code execution in seamless_process_line().
CVE-2018-20181  High      Yes     Arbitrary code execution
    rdesktop before 1.8.4 is vulnerable to remote code execution in seamless_process().
CVE-2018-20180  High      Yes     Arbitrary code execution
    rdesktop before 1.8.4 is vulnerable to remote code execution in rdpsnddbg_process().
CVE-2018-20179  High      Yes     Arbitrary code execution
    rdesktop before 1.8.4 is vulnerable to remote code execution in lspci_process().
CVE-2018-20178  Medium    Yes     Denial of service
    rdesktop before 1.8.4 is vulnerable to denial of service in process_demand_active().
CVE-2018-20177  High      Yes     Arbitrary code execution
    rdesktop before 1.8.4 is vulnerable to a memory corruption issue in rdp_in_unistr() that could lead to arbitrary code execution.
CVE-2018-20176  Medium    Yes     Denial of service
    rdesktop before 1.8.4 is vulnerable to denial of service in sec_parse_crypt_info() and sec_recv().
CVE-2018-20175  Medium    Yes     Denial of service
    rdesktop before 1.8.4 is vulnerable to denial of service in mcs_recv_connect_response() and mcs_parse_domain_params().
CVE-2018-20174  Medium    Yes     Information disclosure
    rdesktop before 1.8.4 is vulnerable to an information leak in ui_clip_handle_data().

Date         Advisory      Package   Description
11 Feb 2019  ASA-201902-5  rdesktop  multiple issues

References
https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1