4dca546d04
This commit includes fixes for a set of 21 vulnerabilities in rdesktop when a malicious RDP server is used. All vulnerabilities was identified and reported by Eyal Itkin. * Add rdp_protocol_error function that is used in several fixes * Refactor of process_bitmap_updates * Fix possible integer overflow in s_check_rem() on 32bit arch * Fix memory corruption in process_bitmap_data - CVE-2018-8794 * Fix remote code execution in process_bitmap_data - CVE-2018-8795 * Fix remote code execution in process_plane - CVE-2018-8797 * Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175 * Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175 * Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176 * Fix Denial of Service in sec_recv - CVE-2018-20176 * Fix minor information leak in rdpdr_process - CVE-2018-8791 * Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792 * Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793 * Fix Denial of Service in process_bitmap_data - CVE-2018-8796 * Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798 * Fix Denial of Service in process_secondary_order - CVE-2018-8799 * Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800 * Fix major information leak in ui_clip_handle_data - CVE-2018-20174 * Fix memory corruption in rdp_in_unistr - CVE-2018-20177 * Fix Denial of Service in process_demand_active - CVE-2018-20178 * Fix remote code execution in lspci_process - CVE-2018-20179 * Fix remote code execution in rdpsnddbg_process - CVE-2018-20180 * Fix remote code execution in seamless_process - CVE-2018-20181 * Fix remote code execution in seamless_process_line - CVE-2018-20182 |
||
---|---|---|
doc | ||
keymaps | ||
tests | ||
.gitignore | ||
.travis.yml | ||
asn.c | ||
bitmap.c | ||
bootstrap | ||
cache.c | ||
channels.c | ||
cliprdr.c | ||
config.guess | ||
config.sub | ||
configure.ac | ||
constants.h | ||
COPYING | ||
cssp.c | ||
ctrl.c | ||
disk.c | ||
disk.h | ||
dvc.c | ||
ewmhints.c | ||
genauthors | ||
indent-all.sh | ||
install-sh | ||
iso.c | ||
licence.c | ||
lspci.c | ||
Makefile.in | ||
mcs.c | ||
mppc.c | ||
orders.c | ||
orders.h | ||
parallel.c | ||
printer.c | ||
printercache.c | ||
proto.h | ||
pstcache.c | ||
rdesktop.c | ||
rdesktop.h | ||
rdesktop.spec | ||
rdp5.c | ||
rdp.c | ||
rdpdr.c | ||
rdpedisp.c | ||
rdpsnd_alsa.c | ||
rdpsnd_dsp.c | ||
rdpsnd_dsp.h | ||
rdpsnd_libao.c | ||
rdpsnd_oss.c | ||
rdpsnd_pulse.c | ||
rdpsnd_sgi.c | ||
rdpsnd_sun.c | ||
rdpsnd.c | ||
rdpsnd.h | ||
README.md | ||
scancodes.h | ||
scard.c | ||
scard.h | ||
seamless.c | ||
seamless.h | ||
secure.c | ||
serial.c | ||
ssl.c | ||
ssl.h | ||
stream.c | ||
stream.h | ||
tcp.c | ||
types.h | ||
utils.c | ||
utils.h | ||
xclip.c | ||
xkeymap.c | ||
xproto.h | ||
xwin.c |
rdesktop - A Remote Desktop Protocol client
rdesktop is an open source client for Microsoft's RDP protocol. It is known to work with Windows versions ranging from NT 4 Terminal Server to Windows 2012 R2 RDS. rdesktop currently has implemented the RDP version 4 and 5 protocols.
Installation
rdesktop uses a GNU-style build procedure. Typically all that is necessary to install rdesktop is the following:
% ./configure
% make
% make install
The default is to install under /usr/local
. This can be changed by adding
--prefix=<directory>
to the configure line.
The smart-card support module uses PCSC-lite. You should use PCSC-lite 1.2.9 or
later. To enable smart-card support in the rdesktop add --enable-smartcard
to
the configure line.
Note for users building from source
If you have retrieved a snapshot of the rdesktop source, you will first
need to run ./bootstrap
in order to generate the build infrastructure.
This is not necessary for release versions of rdesktop.
Usage
Connect to an RDP server with:
% rdesktop server
where server
is the name of the Terminal Services machine. If you receive
"Connection refused", this probably means that the server does not have
Terminal Services enabled, or there is a firewall blocking access.
You can also specify a number of options on the command line. These are listed
in the rdesktop manual page (run man rdesktop
).