CVE-2018-8789
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-8789
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-8789.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-8789
- Downstream
- Related
- Published
- 2018-11-29T18:29:01Z
- Modified
- 2025-10-21T04:39:25.563733Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).
- References
-
- http://www.securityfocus.com/bid/106938
- https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6
- https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html
- https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/
- https://usn.ubuntu.com/3845-1/
- https://usn.ubuntu.com/3845-2/
Affected packages
Git / github.com/freerdp/freerdp
Affected ranges
- Type
- GIT
- Repo
- https://github.com/freerdp/freerdp
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.0-beta1
1.0-beta2
1.0-beta3
1.0-beta4
1.0-beta5
1.0.0
1.0.1
1.1.0-beta+2013071101
1.1.0-beta1
1.1.0-beta1+android2
1.1.0-beta1+android3
1.1.0-beta1+android4
1.1.0-beta1+android5
1.1.0-beta1+ios1
1.1.0-beta1+ios2
1.1.0-beta1+ios3
1.1.0-beta1+ios4
1.2.0-beta1+android7
1.2.0-beta1+android9
2.*
2.0.0-beta1+android10
2.0.0-beta1+android11
2.0.0-rc0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
Database specific
vanir_signatures
[
{
"id": "CVE-2018-8789-058ee239",
"deprecated": false,
"digest": {
"length": 166.0,
"function_hash": "104666998909858465077127195473671038048"
},
"signature_version": "v1",
"target": {
"function": "ntlm_write_message_header",
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
},
{
"id": "CVE-2018-8789-2a259ec6",
"deprecated": false,
"digest": {
"length": 205.0,
"function_hash": "170710971707607590783363297821836205900"
},
"signature_version": "v1",
"target": {
"function": "ntlm_free_message_fields_buffer",
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
},
{
"id": "CVE-2018-8789-2e3f0579",
"deprecated": false,
"digest": {
"length": 154.0,
"function_hash": "283843652711872419912044124972920986301"
},
"signature_version": "v1",
"target": {
"function": "ntlm_populate_message_header",
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
},
{
"id": "CVE-2018-8789-3d0a6a25",
"deprecated": false,
"digest": {
"length": 226.0,
"function_hash": "216458904940794659093048359955489533779"
},
"signature_version": "v1",
"target": {
"function": "ntlm_read_message_fields",
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
},
{
"id": "CVE-2018-8789-3e03cc66",
"deprecated": false,
"digest": {
"length": 297.0,
"function_hash": "227272114302109720051846611850339263089"
},
"signature_version": "v1",
"target": {
"function": "ntlm_print_message_fields",
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
},
{
"id": "CVE-2018-8789-435e63a0",
"deprecated": false,
"digest": {
"length": 287.0,
"function_hash": "79989285417187504712620478628419143651"
},
"signature_version": "v1",
"target": {
"function": "ntlm_read_message_header",
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
},
{
"id": "CVE-2018-8789-5479e757",
"deprecated": false,
"digest": {
"length": 366.0,
"function_hash": "330687294269170097786740306995284855654"
},
"signature_version": "v1",
"target": {
"function": "ntlm_read_message_fields_buffer",
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
},
{
"id": "CVE-2018-8789-70826ef2",
"deprecated": false,
"digest": {
"length": 179.0,
"function_hash": "173110592803849705728268197453211253761"
},
"signature_version": "v1",
"target": {
"function": "ntlm_write_message_fields_buffer",
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
},
{
"id": "CVE-2018-8789-71db47ec",
"deprecated": false,
"digest": {
"length": 232.0,
"function_hash": "270777398848695346094829189835817021072"
},
"signature_version": "v1",
"target": {
"function": "ntlm_write_message_fields",
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
},
{
"id": "CVE-2018-8789-c373971f",
"deprecated": false,
"digest": {
"line_hashes": [
"141388096029824229107258550406043917158",
"190381604198957738224615821904871198816",
"107472011250675843518337461985410453668",
"331657587905935938375928408124442702365",
"294933032372482990280748369613247204181",
"257299346344913977102996256675409972028",
"326533349057509587644257562962924979813",
"288220213863572331025000392570149192136",
"320422840755663457233989205783420236795",
"72000167384395992132114718759336864713",
"134520156972828202007209773547494507962",
"224485915753400266215066766221479310924",
"278027235894386815449509789099664286242",
"237779382959456724208502170486875097488",
"175712396941016635511519837515906449920",
"323175446857894556215237070598178406542",
"280099474914777847042906139552064963937",
"126147951973595458915084138453863604080",
"94243000257200106645124783253277634325",
"57356964325644180767956680465074050366",
"295733755374876150530365560171671275797",
"197218410595583638667719244783813296207",
"275837846088023751954566886446380264501",
"158292710558326824696219635057138516273",
"14187902352233405405689005472155043846",
"30761050056529296441160300875491919331",
"57678404627833274032894164970895703648",
"286405008913403208215458626518378822318",
"317873073681882337630457940006601050610",
"30522712860483800440740391271894874517",
"230905932345515611423920906348374256119",
"56506130904988361277835373318002353398",
"93282956823528385495003637186796287285",
"273075007549549054288273079153090172423",
"250126465286811355096668887674986024217",
"103917916208501266416136027903653871419",
"86283449482104195398886800675729523542",
"274204957841935652757746360191395365760",
"258094129583314623248906007764725294860",
"74818200391575424598381810720983480611",
"180402389028844245743152125932673243213",
"161477785166185900976576829104618949833",
"258473084281935068844384514057278756772",
"86901371115714568833490039928028219431",
"234469747823974058129348078647458644448",
"38778876087778001309056396153912066779"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_type": "Line",
"source": "https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
},
{
"id": "CVE-2018-8789-f2a8a60d",
"deprecated": false,
"digest": {
"length": 306.0,
"function_hash": "19375029799383113552940580250917110217"
},
"signature_version": "v1",
"target": {
"function": "ntlm_print_negotiate_flags",
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"
}
]