On Tue, Jun 22, 2010 at 6:39 PM, Itamar Reis Peixoto <ita...@ispbrasil.com.br> wrote: > On Mon, Jun 21, 2010 at 3:27 PM, Tim Lank <timl...@timlank.com> wrote: >> Xrdp development Team, >> >> Please reply about the status of xrdp resolving these vulnerabilities >> and exposures.... >> >> .) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5904 >> CVSS v2 Base Score:7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend) >> buffer overflow >> >> .) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5903 >> CVSS v2 Base Score:7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend) >> remote attackers can execute arbitrary code >> >> .) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5902 >> CVSS v2 Base Score:7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend) >> buffer overflow >> >> AV: Access vector = Network >> AC: Access Complexity (required attack complexity) = Low >> Au: Authentication Required to Exploit = none >> C: Confidentiality Impact = partial >> I: Integrity Impact = partial >> A: Availability Impact = partial >> >> Thank you in advance for your assistance. >> >> Tim Lank > > > I think most of the people are using the cvs version > > > > > -- > ------------ > > Itamar Reis Peixoto >
So are these resolved in the cvs version (i.e. post v0.4.1)? Tim ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ xrdp-devel mailing list xrdp-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xrdp-devel
