MDVSA-2008:101 -- Mandriva rdesktopID: oval:org.secpod.oval:def:301308 | Date: (C)2012-01-07 (M)2021-06-02 |
Class: PATCH | Family: unix |
Several vulnerabilities were discovered in rdesktop, a Remote Desktop Protocol client. An integer underflow vulnerability allowed attackers to cause a denial of service and possibly execute arbitrary code with the privileges of the logged-in user . A buffer overflow vulnerability allowed attackers to execute arbitrary code with the privileges of the logged-in user . An integer signedness vulnerability allowed attackers to execute arbitrary code with the privileges of the logged-in user . In order for these vulnerabilities to be exploited, an attacker must persuade a targeted user to connect to a malicious RDP server. The updated packages have been patched to correct these issues.
Platform: |
Mandriva Linux 2007.1 |
Mandriva Linux 2008.1 |
Mandriva Linux 2008.0 |