kekePower/rdesktop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Unix client for Microsoft Remote Desktop Services
1,915 Commits 1 Branch 0 Tags 2.8 MiB
C 96.4%
M4 2.2%
Makefile 0.6%
Shell 0.5%
Python 0.3%
4dca546d04
Go to file
Henrik Andersson 4dca546d04 Malicious RDP server security fixes 
This commit includes fixes for a set of 21 vulnerabilities in
rdesktop when a malicious RDP server is used.

All vulnerabilities was identified and reported by Eyal Itkin.

 * Add rdp_protocol_error function that is used in several fixes
 * Refactor of process_bitmap_updates
 * Fix possible integer overflow in s_check_rem() on 32bit arch
 * Fix memory corruption in process_bitmap_data - CVE-2018-8794
 * Fix remote code execution in process_bitmap_data - CVE-2018-8795
 * Fix remote code execution in process_plane - CVE-2018-8797
 * Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175
 * Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175
 * Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176
 * Fix Denial of Service in sec_recv - CVE-2018-20176
 * Fix minor information leak in rdpdr_process - CVE-2018-8791
 * Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792
 * Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793
 * Fix Denial of Service in process_bitmap_data - CVE-2018-8796
 * Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798
 * Fix Denial of Service in process_secondary_order - CVE-2018-8799
 * Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800
 * Fix major information leak in ui_clip_handle_data - CVE-2018-20174
 * Fix memory corruption in rdp_in_unistr - CVE-2018-20177
 * Fix Denial of Service in process_demand_active - CVE-2018-20178
 * Fix remote code execution in lspci_process - CVE-2018-20179
 * Fix remote code execution in rdpsnddbg_process - CVE-2018-20180
 * Fix remote code execution in seamless_process - CVE-2018-20181
 * Fix remote code execution in seamless_process_line - CVE-2018-20182
2019-01-16 12:28:44 +01:00
doc Add TLS 1.1 and 1.2 support 2018-10-18 17:35:02 +02:00
keymaps Update ru 2018-01-27 09:39:49 +04:00
tests Use proper user-initiated disconnect sequence 2018-01-31 11:03:32 +01:00
.gitignore Ensure (partial) resize functionality with automated tests 2017-12-07 11:15:03 +01:00
.travis.yml Let Travis build with both GCC and clang, take 2 2017-10-06 12:54:11 +02:00
asn.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
bitmap.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
bootstrap Removing old autom4te.cache before autoreconf. Seems to 2004-09-07 11:33:46 +00:00
cache.c Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
channels.c Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
cliprdr.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
config.guess Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
config.sub Now using Autoconf. Old OpenSSL files removed. 2004-07-31 13:07:41 +00:00
configure.ac Always include frame pointers with address sanitizer 2018-07-02 13:39:39 +02:00
constants.h Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
COPYING Changed license to GPLv3 2010-01-12 08:31:06 +00:00
cssp.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
ctrl.c Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
disk.c Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
disk.h Changed license to GPLv3 2010-01-12 08:31:06 +00:00
dvc.c Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
ewmhints.c Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
genauthors Make it possible to automatically generate the AUTHORS file from the 2011-04-13 11:33:22 +00:00
indent-all.sh Remove deprecated rdp2vnc 2017-08-14 15:58:48 +02:00
install-sh Now using Autoconf. Old OpenSSL files removed. 2004-07-31 13:07:41 +00:00
iso.c Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
licence.c Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
lspci.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
Makefile.in Add Dynamic Virtual Channels and basic RDPEDISP support 2017-11-09 15:39:39 +01:00
mcs.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
mppc.c Clean up undefined behavior in complicated and/or/shift expression 2017-11-09 18:46:07 +01:00
orders.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
orders.h Changed license to GPLv3 2010-01-12 08:31:06 +00:00
parallel.c Remove implicit fall-throughs from bitmap.c and parallel.c 2018-01-31 15:04:49 +01:00
printer.c Fix sign-compare compiler warnings 2017-10-20 13:30:42 +02:00
printercache.c Rework the logging system 2017-01-26 14:19:40 +01:00
proto.h Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
pstcache.c Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
rdesktop.c fix l_to_a does not work for a base other than 10 2018-11-07 00:20:39 +01:00
rdesktop.h Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
rdesktop.spec Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
rdp5.c Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
rdp.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
rdpdr.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
rdpedisp.c Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
rdpsnd_alsa.c Fix sign-compare compiler warnings 2017-10-20 13:30:42 +02:00
rdpsnd_dsp.c Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
rdpsnd_dsp.h Changed license to GPLv3 2010-01-12 08:31:06 +00:00
rdpsnd_libao.c Remove compiler warnings from rdpsnd_libao 2017-11-13 17:00:53 +01:00
rdpsnd_oss.c Markup unused parameters 2017-10-20 11:05:52 +02:00
rdpsnd_pulse.c Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
rdpsnd_sgi.c Rework the logging system 2017-01-26 14:19:40 +01:00
rdpsnd_sun.c Rework the logging system 2017-01-26 14:19:40 +01:00
rdpsnd.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
rdpsnd.h Add support for pulseaudio backend 2017-09-26 15:07:14 +02:00
README.md README.md: Mark up parameters and commands 2018-01-03 14:15:30 +01:00
scancodes.h Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
scard.c fix lgtm: 'Too few arguments to formatting function' 2018-11-06 22:23:25 +01:00
scard.h Fixes a bug with Windows Server 2012 r2 and smartcard 2014-09-11 11:54:46 +00:00
seamless.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
seamless.h Fixed style of a few copyright statements. 2011-09-28 09:36:59 +00:00
secure.c Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
serial.c Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
ssl.c Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
ssl.h Add additional logging for SSL errors 2017-05-12 13:15:45 +02:00
stream.c Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
stream.h Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
tcp.c Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
types.h Malicious RDP server security fixes 2019-01-16 12:28:44 +01:00
utils.c Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
utils.h Run indent-all.sh script on source 2018-10-29 15:53:57 +01:00
xclip.c Fix minor spelling mistakes 2017-11-02 01:01:44 +01:00
xkeymap.c Refactor deactivation of seamless mode 2017-12-07 10:30:01 +01:00
xproto.h Add _NET_WM_PID and required WM_CLIENT_MACHINE properties to windows. 2015-09-15 12:38:28 +02:00
xwin.c Fix Solaris build 2018-10-31 10:51:13 +03:00

README.md

rdesktop - A Remote Desktop Protocol client

rdesktop is an open source client for Microsoft's RDP protocol. It is known to work with Windows versions ranging from NT 4 Terminal Server to Windows 2012 R2 RDS. rdesktop currently has implemented the RDP version 4 and 5 protocols.

Installation

rdesktop uses a GNU-style build procedure. Typically all that is necessary to install rdesktop is the following:

% ./configure
% make
% make install

The default is to install under /usr/local. This can be changed by adding --prefix=<directory> to the configure line.

The smart-card support module uses PCSC-lite. You should use PCSC-lite 1.2.9 or later. To enable smart-card support in the rdesktop add --enable-smartcard to the configure line.

Note for users building from source

If you have retrieved a snapshot of the rdesktop source, you will first need to run ./bootstrap in order to generate the build infrastructure. This is not necessary for release versions of rdesktop.

Usage

Connect to an RDP server with:

% rdesktop server

where server is the name of the Terminal Services machine. If you receive "Connection refused", this probably means that the server does not have Terminal Services enabled, or there is a firewall blocking access.

You can also specify a number of options on the command line. These are listed in the rdesktop manual page (run man rdesktop).