CVE-2022-23613
7.8HIGHxrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able
Publicado: 2/7/2022Atualizado: 11/21/2024
Descrição
xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able to locally access a sesman server to execute code as root. This vulnerability has been patched in version 0.9.18.1 and above. Users are advised to upgrade. There are no known workarounds.
Análise IADesenvolvido por IA
Produtos Afetados
neutrinolabsxrdp
0.9.17
neutrinolabsxrdp
0.9.18
fedoraprojectfedora
34
fedoraprojectfedora
35
Referências
- https://github.com/neutrinolabs/xrdp/commit/4def30ab8ea445cdc06832a44c3ec40a506a0ffaPatchThird Party Advisory
- https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-8h98-h426-xf32Third Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K5ONRGARKHGFU2CIEQ7E6M6VJZEM5XWW/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3XGFJNQMNXHBD3J7CBM4YURYEDXROWZ/
- https://github.com/neutrinolabs/xrdp/commit/4def30ab8ea445cdc06832a44c3ec40a506a0ffaPatchThird Party Advisory
- https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-8h98-h426-xf32Third Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K5ONRGARKHGFU2CIEQ7E6M6VJZEM5XWW/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3XGFJNQMNXHBD3J7CBM4YURYEDXROWZ/