A flaw was found in rdesktop before 1.8.4. A issue in fmcs_recv_connect_response and mcs_parse_domain_params functions may lead to denial of service. Upstream patch: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 https://github.com/rdesktop/rdesktop/releases/tag/v1.8.4
Created rdesktop tracking bugs for this issue: Affects: fedora-all [bug 1670427]
Note: You need to connect to a malicious or a MITM RDP server in order to trigger this flaw. The malicious RDP server can cause the client to crash.