Allele Security Alert
Integer overflow that leads to a heap-based buffer overflow in function rdp_in_unistr()
rdesktop versions up to and including v1.8.3
Proof of concept
rdesktop versions up to and including v1.8.3 contain an integer overflow that leads to a heap-based buffer overflow in function rdp_in_unistr() and results in a memory corruption and possibly even a remote code execution.
Eyal Itkin (Checkpoint Research)
Reverse RDP Attack: Code Execution on RDP Clients
Updated ChangeLog and bumped version to 1.8.4
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: February 11, 2019