CVE-2008-1801

rdesktop 1.5.0 - Integer Underflow in iso_recv_msg Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1801. PoCs published by Guido Landi.

AI-analyzed exploit summary This exploit targets a vulnerability in Microsoft Windows RDP (CVE-2008-1801) by sending a malformed TPKT packet with an oversized length field, leading to a denial-of-service (DoS) condition. The code sets up a listener on port 3389 and sends the crafted payload to any connecting client.

Description

Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Guido Landi · perldoslinux

https://www.exploit-db.com/exploits/5561

View Code ZIP pw:eip

This exploit targets a vulnerability in Microsoft Windows RDP (CVE-2008-1801) by sending a malformed TPKT packet with an oversized length field, leading to a denial-of-service (DoS) condition. The code sets up a listener on port 3389 and sends the crafted payload to any connecting client.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Windows RDP (pre-patch for CVE-2008-1801)

No auth needed

Prerequisites: Network access to target's RDP port (3389)

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (29)

Core 29

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/31224

Exploit x_refsource_confirm

http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/iso.c?r1=1.19&r2=1.20&pathrev=HEAD

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/5561

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/30118

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/usn-646-1

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200806-04.xml

Vendor Advisory vendor-advisory x_refsource_fedora

http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/30713

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/42272

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1019990

Vendor Advisory vendor-advisory x_refsource_slackware

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.395286

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2008/dsa-1573

Vendor Advisory vendor-advisory x_refsource_fedora

http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2008-0725.html

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/2403

Vendor Advisory vendor-advisory x_refsource_fedora

http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/29097

Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/30380

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/1467/references

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2008:101

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11570

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2008-0576.html

Vendor Advisory x_refsource_confirm

http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm

Third Party Advisory third-party-advisory x_refsource_idefense

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=696

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2008-0575.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/30248

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/31928

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/31222

Scores

EPSS 0.1313

EPSS Percentile 95.9%

Details

CWE

CWE-189

Status published

Products (1)

rdesktop/rdesktop 1.5.0

Published May 12, 2008

Tracked Since Feb 18, 2026