Rdesktop: Remote Control with Security Holes

May 09, 2008

Security researchers iDefense have disclosed three vulnerabilities in the Rdesktop Remote Client.

The Rdesktop RDP client has three different vulnerabilities that are open to remote code injection attacks.

The Remote Desktop Protocol (RDP) was created by Microsoft as a basis for terminal services and is also used for remote maintenance of computers.

The first vulnerability is hidden in the "iso.c" file. An integer underflow bug triggers a heap-based buffer overflow on processing manipulated RDP requests. An input validation error in "rdp.c" results in a BSS-based buffer overflow triggered by redirect requests, and an error in the "xrealloc()" function also leads to a heap-based buffer overflow .

According to iDenfense the errors affect Rdesktop version 1.5.0, which was released in September 2006. Earlier versions of the application may be affected. The Rdesktop developers have already removed the vulnerabilities on the CVS. Regular users are thus advised to build the RDP client from the current source code. Users who prefer to avoid the overhead, are advised to reject incoming offers of support from unknown sources.

Related content

  • Holes in Firewall-1

    Spanish security researchers have discovered several vulnerabilities in the "Firewall-1" security solution by software vendor Checkpoint, and are now questioning its Common Criteria EAL4+ certification.

  • Rdesktop

    Windows terminal services in Linux with Rdesktop

  • Script Error Opens up Security Hole in Xen 3.0.3

    A Red Hat update has just been released to close various vulnerabilities in the Xen virtualization solution, one of which was caused by an error in a Python script.

  • Two GnuTLS Bugfix Releases

    The GnuTLS project has published two bugfix releases to close several vulnerabilities and resolve an error capable of interrupting connections.

  • Security Issue with FLAC Audio Codec

    Loss free audio codecs are gaining in popularity with device manufacturers; right now, a vulnerability in the Free Lossless Audio Codec (FLAC) spoils users listening pleasure.

comments powered by Disqus

Issue 171/2015

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)


njobs Europe
Njobs Netherlands Njobs Deutschland Njobs United Kingdom Njobs Italia Njobs France Njobs Espana Njobs Poland
Njobs Austria Njobs Denmark Njobs Belgium Njobs Czech Republic Njobs Mexico Njobs India Njobs Colombia