FrSIRT - Mandriva Security Update Fixes rdesktop Code Execution Vulnerabilities / Exploit

French Security Incident Response Team

Français

English

Mandriva Security Update Fixes rdesktop Code Execution Vulnerabilities

Date de Publication : 2008-05-19 © FrSIRT.COM
Titre : Mandriva Security Update Fixes rdesktop Code Execution Vulnerabilities
Identifiant : FrSIRT/AVIS-2008-1555
CVE ID : CVE-2008-1801 - CVE-2008-1802 - CVE-2008-1803
Risque : Elevé (3/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Plusieurs vulnérabilités ont été identifiées dans Mandriva, elles pourraient être exploitées par des attaquants afin de causer un déni de service ou compromettre un système vulnérable [...]

Solution

Installer les mises à jour :

Mandriva Linux 2007.1:
c2479d8376d88be833aa8f955c2c1dab 2007.1/i586/rdesktop-1.5.0-1.2mdv2007.1.i586.rpm
e5f1b4ec2271ff281deb72ca8b868140 2007.1/SRPMS/rdesktop-1.5.0-1.2mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
5476b145af183bba4c4959ab1536696d 2007.1/x86_64/rdesktop-1.5.0-1.2mdv2007.1.x86_64.rpm
e5f1b4ec2271ff281deb72ca8b868140 2007.1/SRPMS/rdesktop-1.5.0-1.2mdv2007.1.src.rpm

Mandriva Linux 2008.0:
80a8efe2616d7e8b66914505901a4895 2008.0/i586/rdesktop-1.5.0-3.1mdv2008.0.i586.rpm
837469cc175b5a48694dbd66b7eedc11 2008.0/SRPMS/rdesktop-1.5.0-3.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
4930b6ec7d4e565e4f06a6b2a090f34c 2008.0/x86_64/rdesktop-1.5.0-3.1mdv2008.0.x86_64.rpm
837469cc175b5a48694dbd66b7eedc11 2008.0/SRPMS/rdesktop-1.5.0-3.1mdv2008.0.src.rpm

Mandriva Linux 2008.1:
3d690f988c35ec2345928339619f6abd 2008.1/i586/rdesktop-1.5.0-4.1mdv2008.1.i586.rpm
ab205bea3e169673599c18d05d8d59a9 2008.1/SRPMS/rdesktop-1.5.0-4.1mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64:
f41256a3643c67c77a5d83dc2683fdb3 2008.1/x86_64/rdesktop-1.5.0-4.1mdv2008.1.x86_64.rpm
ab205bea3e169673599c18d05d8d59a9 2008.1/SRPMS/rdesktop-1.5.0-4.1mdv2008.1.src.rpm

Corporate 4.0:
51418206cc2473da8e5cd2382be3c0e2 corporate/4.0/i586/rdesktop-1.4.1-1.1.20060mlcs4.i586.rpm
a8292c842bc727ca14bdfc454debfd58 corporate/4.0/SRPMS/rdesktop-1.4.1-1.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
14df9b9cc7c73d6ab2a11dafa3e08a13 corporate/4.0/x86_64/rdesktop-1.4.1-1.1.20060mlcs4.x86_64.rpm
a8292c842bc727ca14bdfc454debfd58 corporate/4.0/SRPMS/rdesktop-1.4.1-1.1.20060mlcs4.src.rpm

Historique

2008-05-19 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability
	Mozilla Products Remote Code Execution Vulnerabilities
	Mozilla Products Code Execution and Injection Vulnerabilities
	Mozilla JavaScript Garbage Collector Code Execution Vulnerability
	Mozilla Thunderbird Code Execution and Cross Site Scripting Issues
	Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues
	Mozilla Thunderbird Multiple Security Bypass and Code Execution Issues

	Sun Solaris Covert Channel Local Security Bypass Vulnerability
	Sun Solaris NFS RPC Zone Denial of Service Vulnerability
	Sun Solaris NFS Kernel Module Local Denial of Service Vulnerability
	Sun Solaris NFSv4 Client Kernel Module Denial of Service Vulnerability
	Sun Java System Portal Server Cross Site Scripting Vulnerability
	Sun rdesktop Code Execution and Denial of Service
	Sun Java System Web Proxy Server Denial of Service Vulnerability

	Microsoft Visual Studio "Msmask32" Code Execution Vulnerability
	Microsoft PowerPoint Command Execution Vulnerabilities (MS08-051)
	Microsoft Windows Messenger Data Disclosure (MS08-050)
	Microsoft Windows Event System Code Execution (MS08-049)
	Microsoft Outlook and Mail Security Bypass Vulnerability (MS08-048)
	Microsoft Windows IPsec Policy Data Disclosure Vulnerability (MS08-047)
	Microsoft Windows MSCMS Code Execution Vulnerability (MS08-046)