Synopsis: Moderate: rdesktop security update
Issue date: 2008-07-24
CVE Names: CVE-2008-1801 CVE-2008-1803
An integer underflow and integer signedness issue were discovered in the
rdesktop. If an attacker could convince a victim to connect to a malicious
RDP server, the attacker could cause the victim's rdesktop to crash or,
possibly, execute an arbitrary code. (CVE-2008-1801, CVE-2008-1803)
SL 5.x
SRPMS:
rdesktop-1.4.1-6.src.rpm
i386:
rdesktop-1.4.1-6.i386.rpm
x86_64:
rdesktop-1.4.1-6.x86_64.rpm
-Connie Sieh
-Troy Dawson