Allele Security Alert
Several integer signedness errors that lead to out-of-bounds reads in file mcs.c
rdesktop versions up to and including v1.8.3
Proof of concept
rdesktop versions up to and including v1.8.3 contain several integer signedness errors that lead to out-of-bounds reads in the file mcs.c and result in a denial of service (segfault).
Eyal Itkin (Check Point Research)
Reverse RDP Attack: Code Execution on RDP Clients
Updated ChangeLog and bumped version to 1.8.4
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: February 11, 2019