Rdesktop: Remote Control with Security Holes

May 09, 2008

Security researchers iDefense have disclosed three vulnerabilities in the Rdesktop Remote Client.

The Rdesktop RDP client has three different vulnerabilities that are open to remote code injection attacks.

The Remote Desktop Protocol (RDP) was created by Microsoft as a basis for terminal services and is also used for remote maintenance of computers.

The first vulnerability is hidden in the "iso.c" file. An integer underflow bug triggers a heap-based buffer overflow on processing manipulated RDP requests. An input validation error in "rdp.c" results in a BSS-based buffer overflow triggered by redirect requests, and an error in the "xrealloc()" function also leads to a heap-based buffer overflow .

According to iDenfense the errors affect Rdesktop version 1.5.0, which was released in September 2006. Earlier versions of the application may be affected. The Rdesktop developers have already removed the vulnerabilities on the CVS. Regular users are thus advised to build the RDP client from the current source code. Users who prefer to avoid the overhead, are advised to reject incoming offers of support from unknown sources.

comments powered by Disqus

Issue 14: Raspberry Pi Handbook/Special Editions

Buy this issue as a PDF

Tag Cloud

Android Bruce Byfield Gnome KDE Kernel Linux Linux Pro Magazine Open Source Projects Red Hat Ubuntu events foss free software google

News