Debian Rdesktop vulnerabilities

CVE-2011-1595 [MEDIUM] CVE-2011-1595: rdesktop - Directory traversal vulnerability in the disk_create function in disk.c in rdesk... Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname. Scope: local bookworm: resolved (fixed in 1.7.0-1) bullseye: resolved (fixed in 1.7.0-1) forky: resolved (fixed in 1.7.0-1) sid: resolved

CVE-2008-1801 [CRITICAL] CVE-2008-1801: rdesktop - Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows ... Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field. Scope: local bookworm: resolved (fixed in 1.5.0-4+cvs20071006) bullseye: resolved (fixed in 1.5.0-4+cvs20071006) forky: reso

CVE-2008-1802 [CRITICAL] CVE-2008-1802: rdesktop - Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 a... Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields. Scope: local bookworm: resolved (fixed in 1.5.0-4+cvs20071006) bullseye: resolved (fixed in 1.5.0-4+cvs20071006) forky: resolved (fixed in 1.5.0-4+cvs2007

CVE-2008-1803 [CRITICAL] CVE-2008-1803: rdesktop - Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0... Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher. Scope: local bookworm: resolved (fixed in 1.5.0-4+cvs20071006) bullseye: resolved