Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 255148 (CVE-2008-5902) - net-misc/xrdp arbitrary code execution (CVE-2008-{5902,5903,5904})
Summary: net-misc/xrdp arbitrary code execution (CVE-2008-{5902,5903,5904})
Status: RESOLVED FIXED
Alias: CVE-2008-5902
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
URL: http://packetstormsecurity.org/0812-a...
Whiteboard: ~2 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-01-16 10:34 UTC by Stefan Behte (RETIRED)
Modified: 2010-10-07 21:42 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
0001-fix-overflow-when-typing-in-edit-on-login-screen.patch (0001-fix-overflow-when-typing-in-edit-on-login-screen.patch,1.20 KB, patch)
2009-08-07 01:00 UTC, Robert Buchholz (RETIRED) 		no flags Details | Diff
0002-fix-some-buffer-overruns.patch (0002-fix-some-buffer-overruns.patch,5.27 KB, patch)
2009-08-07 01:00 UTC, Robert Buchholz (RETIRED) 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-01-16 10:34:38 UTC 
CVE-2008-5902 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5902):
  Buffer overflow in the xrdp_bitmap_invalidate function in
  xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers
  to execute arbitrary code via a crafted request.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2009-01-16 10:43:54 UTC 
CVE-2008-5903 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5903):
  Array index error in the xrdp_bitmap_def_proc function in
  xrdp/funcs.c in xrdp 0.4.1 and earlier allows remote attackers to
  execute arbitrary code via vectors that manipulate the value of the
  edit_pos structure member.

CVE-2008-5904 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5904):
  The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in
  xrdp 0.4.1 and earlier allows remote RDP servers to have an unknown
  impact via input data that sets crafted values for certain length
  variables, leading to a buffer overflow.
Comment 2 Stefan Behte (RETIRED) gentoo-dev Security 2009-05-02 19:38:45 UTC 
chutzpah, do you plan to update this?
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2009-08-07 01:00:05 UTC 
Created attachment 200457 [details, diff]
0001-fix-overflow-when-typing-in-edit-on-login-screen.patch
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2009-08-07 01:00:29 UTC 
Created attachment 200458 [details, diff]
0002-fix-some-buffer-overruns.patch

upstream patches. please bump
Comment 5 Diego Elio Pettenò (RETIRED) gentoo-dev 2010-09-27 13:05:43 UTC 
Security, this package has been removed from portage as of this moment, feel free to handle as you best see fit.
Comment 6 Stefan Behte (RETIRED) gentoo-dev Security 2010-10-07 21:41:33 UTC 
Closing noglsa, thanks everyone.