Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-1430

Опубликовано: 16 дек. 2016
Источник: nvd
CVSS3: 9.8
CVSS2: 5
EPSS Низкий

Описание

An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:neutrinolabs:xrdp:*:*:*:*:*:*:*:*
Версия до 0.8.0 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 57%
0.00349
Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-255

Связанные уязвимости

ubuntu логотип

CVE-2013-1430

CVSS3: 9.8
ubuntu
больше 8 лет назад

An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.

debian логотип

CVE-2013-1430

CVSS3: 9.8
debian
больше 8 лет назад

An issue was discovered in xrdp before 0.9.1. When successfully loggin ...

github логотип

GHSA-26xv-5c8j-w237

CVSS3: 9.8
github
больше 3 лет назад

An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.

suse-cvrf логотип

SUSE-SU-2019:1860-1

suse-cvrf
около 6 лет назад

Security update for xrdp

suse-cvrf логотип

SUSE-SU-2019:1847-1

suse-cvrf
около 6 лет назад

Security update for xrdp

EPSS

Процентиль: 57%
0.00349
Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-255