CVE-2008-1801
rdesktop - several vulnerabilities
EPSS 36.7%
Description
Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.
How to fix CVE-2008-1801
To remediate CVE-2008-1801, upgrade the affected package to a fixed version below.
- Debian/rdesktop—upgrade to 1.5.0-4+cvs20071006 or later
- Debian/rdesktop—upgrade to 1.5.0-1etch2 or later
Is CVE-2008-1801 being exploited?
Moderate — EPSS is 36.7%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.5.0-4+cvs20071006
- from 0, < 1.5.0-1etch2