Lucene search

K
redosRedosROS-20221222-01
HistoryDec 22, 2022 - 12:00 a.m.

ROS-20221222-01

2022-12-2200:00:00
redos.red-soft.ru
24
vulnerability
xrdp server
buffer overflow
remote attacker
unauthorized access
arbitrary code
memory boundary
denial of service
integer overflow
input data size
execution restriction
protected information

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

57.6%

A vulnerability in the audin_send_open function of the xrdp server is related to the possibility of a stacked buffer overflow.
Exploitation of the vulnerability could allow an attacker acting remotely to gain access to a remote
machine

Vulnerability in devredir_proc_client_devlist_announce_req() function of XRDP server is related to buffer copying without checking input data size.
buffer without checking the size of the input data. Exploiting the vulnerability could allow an attacker,
acting remotely, to execute arbitrary code

Vulnerability of XRDP server’s xrdp_mm_trans_process_drdynvc_channel_open function is related to the ability to write
outside of a buffer in memory. Exploitation of the vulnerability could allow a remote attacker,
gain access to a remote machine

A vulnerability in the xrdp_mm_trans_process_drdynvc_channel_close() function of the XRDP server is related to the ability to read outside of a buffer in memory.
buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely,
gain unauthorized access to protected information or cause a denial of service

A vulnerability in the xrdp_mm_process_rail_update_window_text() function of the XRDP server is associated with an integer
overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute
arbitrary code

Vulnerability of XRDP server’s xrdp_login_wnd_create() function is related to buffer copying without checking input data size.
the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely,
execute arbitrary code

Vulnerability of XRDP server’s xrdp_caps_process_confirm_active() function is related to reading outside the buffer boundaries
in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain
unauthorized access to protected information or cause a denial of service

Vulnerability in the xrdp_mm_chan_data_in() function of the XRDP server is related to buffer copying without checking the size of the input data.
the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely,
execute arbitrary code

A vulnerability in the libxrdp_send_to_channel() function of the XRDP server is related to reading outside of buffer boundaries in
memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain
unauthorized access to protected information

Vulnerability of xrdp_sec_process_mcs_data_CS_CORE() function of XRDP server is related to reading outside the buffer in memory.
buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain
unauthorized access to protected information or cause a denial of service

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64xrdp<Β 0.9.21-2UNKNOWN

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

57.6%