Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

[USN-646-1] rdesktop vulnerabilities
From: Jamie Strandboge <jamie () canonical com>
Date: Thu, 18 Sep 2008 14:53:05 -0500

=========================================================== 
Ubuntu Security Notice USN-646-1         September 18, 2008
rdesktop vulnerabilities
CVE-2008-1801, CVE-2008-1802, CVE-2008-1803
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  rdesktop                        1.4.1-1.1ubuntu0.6.06.1

Ubuntu 7.04:
  rdesktop                        1.5.0-1ubuntu1.1

Ubuntu 7.10:
  rdesktop                        1.5.0-2ubuntu0.1

Ubuntu 8.04 LTS:
  rdesktop                        1.5.0-3+cvs20071006ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that rdesktop did not properly validate the length
of packet headers when processing RDP requests. If a user were tricked
into connecting to a malicious server, an attacker could cause a
denial of service or possible execute arbitrary code with the
privileges of the user. (CVE-2008-1801)

Multiple buffer overflows were discovered in rdesktop when processing
RDP redirect requests. If a user were tricked into connecting to a
malicious server, an attacker could cause a denial of service or
possible execute arbitrary code with the privileges of the user.
(CVE-2008-1802)

It was discovered that rdesktop performed a signed integer comparison
when reallocating dynamic buffers which could result in a heap-based
overflow. If a user were tricked into connecting to a malicious
server, an attacker could cause a denial of service or possible
execute arbitrary code with the privileges of the user.
(CVE-2008-1802)


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.4.1-1.1ubuntu0.6.06.1.diff.gz
      Size/MD5:    11833 02d252fcd49c4645b3e716d856d1c415
    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.4.1-1.1ubuntu0.6.06.1.dsc
      Size/MD5:      652 ef3291adc58f0a7cb13a611b4f0a2121
    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.4.1.orig.tar.gz
      Size/MD5:   218413 ce6b2369d633128ff00a2a8ae7c18ef8

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.4.1-1.1ubuntu0.6.06.1_amd64.deb
      Size/MD5:   111972 aa37f6bbd6e6aef1c522fbdb856b0f88

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.4.1-1.1ubuntu0.6.06.1_i386.deb
      Size/MD5:   101116 c763412c9df04d92d96ac35d3b1da461

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.4.1-1.1ubuntu0.6.06.1_powerpc.deb
      Size/MD5:   119686 a04bf8dfa52a4b9345c0768174c4fe5f

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.4.1-1.1ubuntu0.6.06.1_sparc.deb
      Size/MD5:   108374 f93183194eb83d0d303bc198260f5aaf

Updated packages for Ubuntu 7.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-1ubuntu1.1.diff.gz
      Size/MD5:    20640 935bc4696bd2aea80b00ce2d1541b8a1
    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-1ubuntu1.1.dsc
      Size/MD5:      648 fa4980e269f93cdc5fe4547b4ba270c6
    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0.orig.tar.gz
      Size/MD5:   245137 433546f60fc0f201e99307ba188369ed

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-1ubuntu1.1_amd64.deb
      Size/MD5:   138228 051403b954434d9f3abdeeeaf598ab6b

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-1ubuntu1.1_i386.deb
      Size/MD5:   122622 ddd936f095eca9f9c1ebaa9b2a1ac637

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-1ubuntu1.1_powerpc.deb
      Size/MD5:   147290 477231f887705ee5f5303d9d95c9b63f

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-1ubuntu1.1_sparc.deb
      Size/MD5:   131252 66fe53989b7540f8de5267e543fabb4e

Updated packages for Ubuntu 7.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-2ubuntu0.1.diff.gz
      Size/MD5:    20644 87afc1c27f2489d0a7ce4d1592f294d6
    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-2ubuntu0.1.dsc
      Size/MD5:      648 6bd1addbc212ec9b4f331be244e604aa
    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0.orig.tar.gz
      Size/MD5:   245137 433546f60fc0f201e99307ba188369ed

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-2ubuntu0.1_amd64.deb
      Size/MD5:   138036 4a7e96222fe9027700e816acf59bb734

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-2ubuntu0.1_i386.deb
      Size/MD5:   122472 b1dd9c0cb2641891ddcfec99704b46a9

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/r/rdesktop/rdesktop_1.5.0-2ubuntu0.1_lpia.deb
      Size/MD5:   122174 ddcb80d1456ba036a283bd239e5d559b

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-2ubuntu0.1_powerpc.deb
      Size/MD5:   146892 09c1dda0b426d812b867f311884854cc

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-2ubuntu0.1_sparc.deb
      Size/MD5:   130926 4c438675fae5796dc90d18c38b09993f

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-3+cvs20071006ubuntu0.1.diff.gz
      Size/MD5:   239616 dd50827c7f209fba8acce7438046a0c5
    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-3+cvs20071006ubuntu0.1.dsc
      Size/MD5:      673 df18cff01658e869689437b0f4ba6a3f
    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0.orig.tar.gz
      Size/MD5:   245137 433546f60fc0f201e99307ba188369ed

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-3+cvs20071006ubuntu0.1_amd64.deb
      Size/MD5:   146160 553eebe2e4574d5ecfca06471fc5f765

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/r/rdesktop/rdesktop_1.5.0-3+cvs20071006ubuntu0.1_i386.deb
      Size/MD5:   128674 9bc9f5f95fd66bf57b0520299e478b08

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/r/rdesktop/rdesktop_1.5.0-3+cvs20071006ubuntu0.1_lpia.deb
      Size/MD5:   129648 abdab7d9e099f1d6dde38c7e4efe4707

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/r/rdesktop/rdesktop_1.5.0-3+cvs20071006ubuntu0.1_powerpc.deb
      Size/MD5:   152548 25633e850f1523be7b76a08e2ff33543

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/r/rdesktop/rdesktop_1.5.0-3+cvs20071006ubuntu0.1_sparc.deb
      Size/MD5:   136268 1cd132a6dc1d34fc08df8a87ea559c6f


Attachment: signature.asc
Description: Digital signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • [USN-646-1] rdesktop vulnerabilities Jamie Strandboge (Sep 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault