CVE-2018-8798 - Vulnerability Details - OpenCVE

rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Rdesktop	Rdesktop

Configuration 1 [-]

cpe:2.3:a:rdesktop:rdesktop:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

No data.

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html
http://www.securityfocus.com/bid/106938
https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1
https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html
https://nvd.nist.gov/vuln/detail/CVE-2018-8798
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/
https://security.gentoo.org/glsa/201903-06
https://www.cve.org/CVERecord?id=CVE-2018-8798
https://www.debian.org/security/2019/dsa-4394

History

No history.

MITRE

Status: PUBLISHED

Assigner: checkpoint

Published: 2019-02-05T20:00:00Z

Updated: 2024-09-16T19:36:49.450Z

Reserved: 2018-03-19T00:00:00

Link: CVE-2018-8798

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-02-05T20:29:00.667

Modified: 2024-11-21T04:14:20.330

Link: CVE-2018-8798

Redhat

Severity : Moderate

Publid Date: 2019-01-04T00:00:00Z

Links: CVE-2018-8798 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "rdesktop", "vendor": "Check Point Software Technologies Ltd.", "versions": [{"status": "affected", "version": "All versions up to and including v1.8.3"}]}], "datePublic": "2019-02-05T00:00:00", "descriptions": [{"lang": "en", "value": "rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-126", "description": "CWE-126: Buffer Over-read", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-09-14T23:06:12", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint"}, "references": [{"name": "106938", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/106938"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"}, {"name": "GLSA-201903-06", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201903-06"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/"}, {"name": "DSA-4394", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2019/dsa-4394"}, {"name": "[debian-lts-announce] 20190219 [SECURITY] [DLA 1683-1] rdesktop security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html"}, {"name": "openSUSE-SU-2019:2135", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@checkpoint.com", "DATE_PUBLIC": "2019-02-05T00:00:00", "ID": "CVE-2018-8798", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "rdesktop", "version": {"version_data": [{"version_value": "All versions up to and including v1.8.3"}]}}]}, "vendor_name": "Check Point Software Technologies Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-126: Buffer Over-read"}]}]}, "references": {"reference_data": [{"name": "106938", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106938"}, {"name": "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1", "refsource": "MISC", "url": "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"}, {"name": "GLSA-201903-06", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201903-06"}, {"name": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", "refsource": "CONFIRM", "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/"}, {"name": "DSA-4394", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4394"}, {"name": "[debian-lts-announce] 20190219 [SECURITY] [DLA 1683-1] rdesktop security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html"}, {"name": "openSUSE-SU-2019:2135", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T07:02:26.146Z"}, "title": "CVE Program Container", "references": [{"name": "106938", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/106938"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"}, {"name": "GLSA-201903-06", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201903-06"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/"}, {"name": "DSA-4394", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2019/dsa-4394"}, {"name": "[debian-lts-announce] 20190219 [SECURITY] [DLA 1683-1] rdesktop security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html"}, {"name": "openSUSE-SU-2019:2135", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html"}]}]}, "cveMetadata": {"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2018-8798", "datePublished": "2019-02-05T20:00:00Z", "dateReserved": "2018-03-19T00:00:00", "dateUpdated": "2024-09-16T19:36:49.450Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rdesktop:rdesktop:*:*:*:*:*:*:*:*", "matchCriteriaId": "223ED7FC-79EF-4324-82AE-D3794128C7A3", "versionEndIncluding": "1.8.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak."}, {"lang": "es", "value": "Las versiones de rdesktop, hasta la v1.8.3 (inclusivas), contienen una lectura fuera de l\u00edmites en la funci\u00f3n rdpsnd_process_ping(), lo que resulta en una fuga de informaci\u00f3n."}], "id": "CVE-2018-8798", "lastModified": "2024-11-21T04:14:20.330", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-02-05T20:29:00.667", "references": [{"source": "cve@checkpoint.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html"}, {"source": "cve@checkpoint.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106938"}, {"source": "cve@checkpoint.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"}, {"source": "cve@checkpoint.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html"}, {"source": "cve@checkpoint.com", "tags": ["Third Party Advisory"], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/"}, {"source": "cve@checkpoint.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201903-06"}, {"source": "cve@checkpoint.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2019/dsa-4394"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106938"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201903-06"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2019/dsa-4394"}], "sourceIdentifier": "cve@checkpoint.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-126"}], "source": "cve@checkpoint.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}