19 matches found
Debian dla-4166 : xrdp - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4166 advisory. Debian LTS Advisory DLA-4166-1...
Linux Distros Unpatched Vulnerability : CVE-2023-40184
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-lev...
openSUSE: Security Advisory for xrdp (SUSE-SU-2023:3830-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
SUSE SLES12 Security Update : xrdp (SUSE-SU-2023:4873-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4873-1 advisory. - CVE-2023-42822: Fixed unchecked access to font glyph info (bsc#1215803). - CVE-2023-40184: Fixed restriction bypass via improper...
Fedora 39 : xrdp (2023-5134642a68)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5134642a68 advisory. Release notes for xrdp v0.9.23 (2023/08/31). General announcements - Running xrdp and xrdp-sesman on separate hosts is still supported by this release,...
Mageia: Security Advisory (MGASA-2023-0276)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
MGASA-2023-0276 Updated xrdp packages fix security vulnerability
In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The auth_start_session function can return non-zero (1) value on, e.g., PAM error which may result in session restrictions such as max concurrent sessions per user by PAM (ex...
SUSE-SU-2023:3830-1 Security update for xrdp
This update for xrdp fixes the following issues: - CVE-2023-40184: Fixed restriction bypass via improper session handling (bsc#1214805)...
FreeBSD : xrdp -- Improper handling of session establishment errors allows bypassing OS-level session restrictions (c9ff1150-5d63-11ee-bbae-1c61b4739ac9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c9ff1150-5d63-11ee-bbae-1c61b4739ac9 advisory. - xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper...
SUSE: Security Advisory (SUSE-SU-2023:3735-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
SUSE SLES12 Security Update : xrdp (SUSE-SU-2023:3735-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3735-1 advisory. - CVE-2023-40184: Fixed restriction bypass via improper session handling (bsc#1214805). Tenable has extracted the preceding description block...
SUSE-SU-2023:3735-1 Security update for xrdp
This update for xrdp fixes the following issues: - CVE-2023-40184: Fixed restriction bypass via improper session handling (bsc#1214805)...
Fedora 38 : xrdp (2023-b1d585e148)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b1d585e148 advisory. Release notes for xrdp v0.9.23 (2023/08/31). General announcements - Running xrdp and xrdp-sesman on separate hosts is still supported by this release,...
Fedora 37 : xrdp (2023-40298f6951)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-40298f6951 advisory. Release notes for xrdp v0.9.23 (2023/08/31). General announcements - Running xrdp and xrdp-sesman on separate hosts is still supported by this release,...
SUSE CVE-2023-40184
xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The auth_start_session function can return non-zero (1) value on, e.g., PAM error which may result in session...
CVE-2023-40184
creationtimestamp | type | source
---|---|---
2023-08-30 22:12:20+00:00 | seen | https://t.me/cibsecurity/69482...
CVE-2023-40184
xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The auth_start_session function can return non-zero (1) value on, e.g., PAM error which may result in session...
CVE-2023-40184
CVE-2023-40184 affects xrdp, an open-source RDP server. In versions prior to 0.9.23, improper handling of session establishment errors can cause bypass of OS-level session restrictions because auth_start_session may return non-zero (e.g., on PAM error), potentially bypassing PAM limits for max co...
CVE-2023-40184 Improper handling of session establishment errors in xrdp
xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The auth_start_session function can return non-zero (1) value on, e.g., PAM error which may result in session...