kekePower/rdesktop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,929 Commits 1 Branch 0 Tags 2.8 MiB
166d1bc14d
Commit Graph

6 Commits

Author SHA1 Message Date
Henrik Andersson
4dca546d04 Malicious RDP server security fixes 
This commit includes fixes for a set of 21 vulnerabilities in
rdesktop when a malicious RDP server is used.

All vulnerabilities was identified and reported by Eyal Itkin.

 * Add rdp_protocol_error function that is used in several fixes
 * Refactor of process_bitmap_updates
 * Fix possible integer overflow in s_check_rem() on 32bit arch
 * Fix memory corruption in process_bitmap_data - CVE-2018-8794
 * Fix remote code execution in process_bitmap_data - CVE-2018-8795
 * Fix remote code execution in process_plane - CVE-2018-8797
 * Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175
 * Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175
 * Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176
 * Fix Denial of Service in sec_recv - CVE-2018-20176
 * Fix minor information leak in rdpdr_process - CVE-2018-8791
 * Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792
 * Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793
 * Fix Denial of Service in process_bitmap_data - CVE-2018-8796
 * Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798
 * Fix Denial of Service in process_secondary_order - CVE-2018-8799
 * Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800
 * Fix major information leak in ui_clip_handle_data - CVE-2018-20174
 * Fix memory corruption in rdp_in_unistr - CVE-2018-20177
 * Fix Denial of Service in process_demand_active - CVE-2018-20178
 * Fix remote code execution in lspci_process - CVE-2018-20179
 * Fix remote code execution in rdpsnddbg_process - CVE-2018-20180
 * Fix remote code execution in seamless_process - CVE-2018-20181
 * Fix remote code execution in seamless_process_line - CVE-2018-20182
 2019-01-16 12:28:44 +01:00
Alexander Zakharov
c58d91c077 Fix file sizes for redirected disks 2017-12-15 20:29:37 +03:00
Cendio
2f03f65efe Add Dynamic Virtual Channels and basic RDPEDISP support 
Fix issue #192

Signed-off-by: Henrik Andersson <hean01@cendio.com>
Signed-off-by: Karl Mikaelsson <derfian@cendio.se>
 2017-11-09 15:39:39 +01:00
Henrik Andersson
791906e45d Add function to write fixed length utf16 string to stream 2017-09-29 16:30:17 +02:00
Henrik Andersson
de8fe9429f Add two new stream functions for writing utf16 strings 
This is the first steps of removing the old rdp_out_unistr() and
using clearer code.
 2017-09-29 14:24:27 +02:00
Henrik Andersson
b8fe3e9315 Rename parse to stream 2017-09-29 11:13:02 +02:00