Showing 1 - 1 of 1

Files

rdesktop-underflow.txt: Posted May 9, 2008; Authored by Guido Landi; rdesktop version 1.5.0 integer underflow proof of concept exploit that takes advantage of iso_recv_msg().; tags | exploit, proof of concept; advisories | CVE-2008-1801; SHA-256 | 76fb7c0182f22162b10ef53dc34f0663fab8c3ad651d898e08ac4c9bfc0f266a; Download | Favorite | View

Related Files

iDEFENSE Security Advisory 2008-05-07.1: Posted May 8, 2008; Authored by iDefense Labs | Site idefense.com; iDefense Security Advisory 05.07.08 - Remote exploitation of an integer underflow vulnerability in rdesktop, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists within the code responsible for reading in an RDP request. When reading a request, a 16-bit integer value that represents the number of bytes that follow is taken from the packet. This value is then decremented by 4, and used to calculate how many bytes to read into a heap buffer. The subtraction operation can underflow, which will then lead to the heap buffer being overflowed. iDefense confirmed the existence of this vulnerability in rdesktop version 1.5.0. Previous versions may also be affected.; tags | advisory, remote, overflow, arbitrary; advisories | CVE-2008-1801; SHA-256 | 1092f657e4d4b947c1ee615da74f97b5643e05d42dbeb1e99d0b4d8092a260b7; Download | Favorite | View

Page 1 of 1 Back 1 Next