exploitDog

CVE-2022-23478

Опубликовано: 09 дек. 2022

Источник: debian

Описание

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue. Users are advised to upgrade.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
xrdp	fixed	0.9.21.1-1		package

Примечания

https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-2f49-wwpm-78pj
https://github.com/neutrinolabs/xrdp/commit/6cb54a1c26b53617e1c79a0abc96d03c4add1eb8

Связанные уязвимости

CVE-2022-23478

CVSS3: 9.1

ubuntu

больше 2 лет назад

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue. Users are advised to upgrade.

CVE-2022-23478

CVSS3: 9.1

nvd

больше 2 лет назад

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue. Users are advised to upgrade.

BDU:2022-07225

CVSS3: 9.8

fstec

больше 2 лет назад

Уязвимость функции xrdp_mm_trans_process_drdynvc_channel_open сервера XRDP, позволяющая нарушителю получить доступ к удалённой машине

SUSE-SU-2023:0374-1

suse-cvrf

больше 2 лет назад

Security update for xrdp

SUSE-SU-2023:0033-1

suse-cvrf

больше 2 лет назад

Security update for xrdp