Solution
Please install the updated packages.
Insight
Several vulnerabilities were discovered in rdesktop, a Remote Desktop Protocol client.
An integer underflow vulnerability allowed attackers to cause a denial of service (crash) and possibly execute arbitrary code with the privileges of the logged-in user (CVE-2008-1801).
A buffer overflow vulnerability allowed attackers to execute arbitrary code with the privileges of the logged-in user (CVE-2008-1802).
An integer signedness vulnerability allowed attackers to execute arbitrary code with the privileges of the logged-in user (CVE-2008-1803).
In order for these vulnerabilities to be exploited, an attacker must persuade a targeted user to connect to a malicious RDP server.
The updated packages have been patched to correct these issues.
Affected
rdesktop on Mandriva Linux 2007.1,
Mandriva Linux 2007.1/X86_64,
Mandriva Linux 2008.0,
Mandriva Linux 2008.0/X86_64,
Mandriva Linux 2008.1,
Mandriva Linux 2008.1/X86_64
Severity
Classification
CVE: CVE-2008-1801, CVE-2008-1802, CVE-2008-1803
CVSS Base Score: 9.3
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C