CVE-2008-1802 - OpenCVE

Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Rdesktop	Rdesktop

Configuration 1 [-]

cpe:2.3:a:rdesktop:rdesktop:1.5.0:*:*:*:*:*:*:*

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697
http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdp.c?r1=1.101&r2=1.102&pathrev=HEAD	Exploit
http://secunia.com/advisories/30118
http://secunia.com/advisories/30248
http://secunia.com/advisories/30713
http://secunia.com/advisories/31928
http://security.gentoo.org/glsa/glsa-200806-04.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1
http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm
http://www.debian.org/security/2008/dsa-1573
http://www.mandriva.com/security/advisories?name=MDVSA-2008:101
http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html
http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html
http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html
http://www.securityfocus.com/bid/29097
http://www.securitytracker.com/id?1019991
http://www.ubuntu.com/usn/usn-646-1
http://www.vupen.com/english/advisories/2008/1467/references
http://www.vupen.com/english/advisories/2008/2403
https://exchange.xforce.ibmcloud.com/vulnerabilities/42275
https://www.exploit-db.com/exploits/5585

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-05-12T16:00:00

Updated: 2017-09-28T12:57:01

Reserved: 2008-04-15T00:00:00

Link: CVE-2008-1802

JSON object: View

NVD Information

Status : Modified

Published: 2008-05-12T16:20:00.000

Modified: 2017-09-29T01:30:52.757

Link: CVE-2008-1802

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-05-07T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "30118", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30118"}, {"name": "USN-646-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-646-1"}, {"name": "GLSA-200806-04", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"}, {"name": "1019991", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1019991"}, {"name": "FEDORA-2008-3917", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"}, {"name": "20080507 Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697"}, {"name": "30713", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30713"}, {"name": "DSA-1573", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1573"}, {"name": "FEDORA-2008-3886", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"}, {"name": "rdesktop-processredirectpdu-bo(42275)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42275"}, {"name": "ADV-2008-2403", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2403"}, {"name": "FEDORA-2008-3985", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"}, {"name": "29097", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29097"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdp.c?r1=1.101&r2=1.102&pathrev=HEAD"}, {"name": "240708", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"}, {"name": "ADV-2008-1467", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1467/references"}, {"name": "MDVSA-2008:101", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"}, {"name": "5585", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/5585"}, {"name": "30248", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30248"}, {"name": "31928", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31928"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1802", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "30118", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30118"}, {"name": "USN-646-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-646-1"}, {"name": "GLSA-200806-04", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"}, {"name": "1019991", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1019991"}, {"name": "FEDORA-2008-3917", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"}, {"name": "20080507 Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697"}, {"name": "30713", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30713"}, {"name": "DSA-1573", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1573"}, {"name": "FEDORA-2008-3886", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"}, {"name": "rdesktop-processredirectpdu-bo(42275)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42275"}, {"name": "ADV-2008-2403", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2403"}, {"name": "FEDORA-2008-3985", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"}, {"name": "29097", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29097"}, {"name": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdp.c?r1=1.101&r2=1.102&pathrev=HEAD", "refsource": "CONFIRM", "url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdp.c?r1=1.101&r2=1.102&pathrev=HEAD"}, {"name": "240708", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"}, {"name": "ADV-2008-1467", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1467/references"}, {"name": "MDVSA-2008:101", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"}, {"name": "5585", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/5585"}, {"name": "30248", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30248"}, {"name": "31928", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31928"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1802", "datePublished": "2008-05-12T16:00:00", "dateReserved": "2008-04-15T00:00:00", "dateUpdated": "2017-09-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rdesktop:rdesktop:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B97D70B-2614-4EDB-A74E-217E42076C66", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en la funci\u00f3n process_redirect_pdu (rdp.c) de rdesktop 1.5.0 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una petici\u00f3n de redireccionamiento Remote Desktop Protocol (RDP) (Protocolo de Escritorio Remoto) con campos de longitud modificados."}], "id": "CVE-2008-1802", "lastModified": "2017-09-29T01:30:52.757", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-05-12T16:20:00.000", "references": [{"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdp.c?r1=1.101&r2=1.102&pathrev=HEAD"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30118"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30248"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30713"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/31928"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200806-04.xml"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1"}, {"source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1573"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:101"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29097"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019991"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-646-1"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1467/references"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2403"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42275"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/5585"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of rdesktop as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.", "lastModified": "2008-06-24T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}