CVE-2008-5405

Name of the Vulnerable Software and Affected Versions Cain & Abel versions 4.9.23 through 4.9.24 Cain & Abel versions prior to 4.9.25 are not explicitly mentioned, but based on the information that 4.9.23 and 4.9.24 are affected, it can be inferred that earlier versions may also be vulnerable.

Description The issue is caused by a boundary error in the processing of RDP files, which can be exploited to cause a stack-based buffer overflow. This can be achieved by tricking a user into decoding a specially crafted RDP file. Successful exploitation allows execution of arbitrary code.

Recommendations For Cain & Abel versions 4.9.23 and 4.9.24, consider avoiding the use of the RDP protocol password decoder until a patch is available. As a temporary workaround, restrict the decoding of RDP files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.