Xrdp development Team,
Please denote whether the following vulnerabilities and exposures are
resolved with the current cvs version (i.e. anything post v0.4.1)....
.) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5904
CVSS v2 Base Score:7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)
buffer overflow
.) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5903
CVSS v2 Base Score:7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)
remote attackers can execute arbitrary code
.) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5902
CVSS v2 Base Score:7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)
buffer overflow
AV: Access vector = Network
AC: Access Complexity (required attack complexity) = Low
Au: Authentication Required to Exploit = none
C: Confidentiality Impact = partial
I: Integrity Impact = partial
A: Availability Impact = partial
Thank you in advance for your assistance.
Tim Lank
------------------------------------------------------------------------------
ThinkGeek and WIRED's GeekDad team up for the Ultimate
GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the
lucky parental unit. See the prize list and enter to win:
http://p.sf.net/sfu/thinkgeek-promo
_______________________________________________
xrdp-devel mailing list
xrdp-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xrdp-devel
