rpm package
opensuse/xrdp&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/xrdp&distro=openSUSE%20Tumbleweed
Vulnerabilities (26)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-23493 | — | < 0.9.20-4.1 | 0.9.20-4.1 | Dec 9, 2022 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close() function. There are no known workarounds for this issue. U | ||
| CVE-2022-23613 | — | < 0.9.19-1.1 | 0.9.19-1.1 | Feb 7, 2022 | xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able to locally access a sesman server to execute code as root. This vulnerability h | ||
| CVE-2020-4044 | — | < 0.9.15-2.2 | 0.9.15-2.2 | Jun 30, 2020 | The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on p | ||
| CVE-2017-16927 | Hig | 8.4 | < 0.9.15-2.2 | 0.9.15-2.2 | Nov 23, 2017 | The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impa | |
| CVE-2017-6967 | Hig | 7.3 | < 0.9.15-2.2 | 0.9.15-2.2 | Mar 17, 2017 | xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass. | |
| CVE-2013-1430 | Cri | 9.8 | < 0.9.15-2.2 | 0.9.15-2.2 | Dec 16, 2016 | An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key. |
- CVE-2022-23493Dec 9, 2022affected < 0.9.20-4.1fixed 0.9.20-4.1
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close() function. There are no known workarounds for this issue. U
- CVE-2022-23613Feb 7, 2022affected < 0.9.19-1.1fixed 0.9.19-1.1
xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able to locally access a sesman server to execute code as root. This vulnerability h
- CVE-2020-4044Jun 30, 2020affected < 0.9.15-2.2fixed 0.9.15-2.2
The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on p
- affected < 0.9.15-2.2fixed 0.9.15-2.2
The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impa
- affected < 0.9.15-2.2fixed 0.9.15-2.2
xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass.
- affected < 0.9.15-2.2fixed 0.9.15-2.2
An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.
Page 2 of 2