Ubuntu 16.04 ESM : xrdp vulnerabilities (USN-4815-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4815-1 advisory. It was discovered that xrdp did not properly validate certain input in the session manager. A local attacker could possibly use this issue to cause a...

CVE-2017-6967

xrdp 0.9.1 calls the PAM function authstartsession in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pamlimits.so bypass...

CVE-2017-6967

xrdp 0.9.1 calls the PAM function authstartsession in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pamlimits.so bypass...

CVE-2017-6967

xrdp 0.9.1 calls the PAM function authstartsession in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pamlimits.so bypass...

CVE-2017-6967

CVE-2017-6967 affects xrdp (v0.9.1) where PAM session modules are not properly initialized due to calling auth_start_session in the wrong place, potentially enabling privilege elevation or misconfiguration through pam_limits.so bypass. Public sources (Ubuntu USN-4815-1, SUSE/SLES advisories) indi...