• Main
  • Advisories
  • KLCERT-19-032: Denial of Service in RDesktop before 1.8.4

30 October 2019

KLCERT-19-032: Denial of Service in RDesktop before 1.8.4

Timeline

Description

RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. These issues have been fixed in version 1.8.5.

CVSS v3

0.0

 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Exploitability

Remotely

Attack complexity

Low

User interaction

None

Impact

Successful exploitation of this vulnerability could allow an attacker to cause Denial of Service.

Existence of exploit

Unknown

Affected products

RDesktop before 1.8.4

Mitigation

Vendor mitigation

Upgrade to a newer version: 1.8.5

Kaspersky publishes information on newly identified vulnerabilities in order to raise user awareness of the IT security threats detected. Kaspersky does not make any guarantees in respect of information received from vendors of products in which vulnerabilities have been identified, which is included in the following sections of the advisory: Affected Products, Vendor Mitigation.

Back to top
Back to top

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.