18 matches found
SUSE: Security Advisory (SUSE-SU-2020:2142-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE Linux Enterprise Server: Security Advisory (SUSE-SU-2020:1943-1)
The remote host is missing an update for SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1933-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1918-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : xrdp (openSUSE-2020-1200)
This update for xrdp fixes the following issues : - Update to version 0.9.13.1 + This is a security fix release that includes fixes for the following local buffer overflow vulnerability bsc1173580: CVE-2020-4044 This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable...
OPENSUSE-SU-2020:1200-1 Security update for xrdp
This update for xrdp fixes the following issues: - Update to version 0.9.13.1 + This is a security fix release that includes fixes for the following local buffer overflow vulnerability bsc1173580: CVE-2020-4044 This update was imported from the SUSE:SLE-15-SP2:Update update project...
SUSE-SU-2020:2142-1 Security update for xrdp
This update for xrdp fixes the following issues: - Update to version 0.9.13.1 + This is a security fix release that includes fixes for the following local buffer overflow vulnerability bsc1173580: CVE-2020-4044...
[SECURITY] [DSA 4737-1] xrdp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4737-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 29, 2020 https://www.debian.org/security/faq -...
SUSE SLES12 Security Update : xrdp (SUSE-SU-2020:1991-1)
This update for xrdp fixes the following issues : Security fixes bsc1173580, CVE-2020-4044 : + Add patches : - xrdp-cve-2020-4044-fix-0.patch - xrdp-cve-2020-4044-fix-1.patch + Rebase SLE patch : - xrdp-fate318398-change-expired-password.patch Update patch : +...
SUSE SLES12 Security Update : xrdp (SUSE-SU-2020:1943-1)
This update for xrdp provides the following fix : CVE-2020-4044: xrdp-sesman can be crashed remotely over port 3350 bsc1173580. Fixed an issue where xrdp-sesman could not restart bsc1155952. Fixed an issue where xrdp could not start due to an error in the service file use absolute path in ExecSta...
openSUSE Security Update : xrdp (openSUSE-2020-999)
This update for xrdp fixes the following issues : - Security fixes bsc1173580, CVE-2020-4044 : + Add patches : - xrdp-cve-2020-4044-fix-0.patch - xrdp-cve-2020-4044-fix-1.patch + Rebase SLE patch : - xrdp-fate318398-change-expired-password.patch This update was imported from the SUSE:SLE-15:Updat...
openSUSE: Security Advisory for xrdp (openSUSE-SU-2020:0999-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : xrdp (SUSE-SU-2020:1933-1)
This update for xrdp fixes the following issues : Security fixes bsc1173580, CVE-2020-4044 : + Add patches : - xrdp-cve-2020-4044-fix-0.patch - xrdp-cve-2020-4044-fix-1.patch + Rebase SLE patch : - xrdp-fate318398-change-expired-password.patch Note that Tenable Network Security has extracted the...
SUSE-SU-2020:1933-1 Security update for xrdp
This update for xrdp fixes the following issues: - Security fixes bsc1173580, CVE-2020-4044: + Add patches: xrdp-cve-2020-4044-fix-0.patch xrdp-cve-2020-4044-fix-1.patch + Rebase SLE patch: xrdp-fate318398-change-expired-password.patch...
SUSE-SU-2020:1918-1 Security update for xrdp
This update for xrdp fixes the following issues: - Security fixes bsc1173580, CVE-2020-4044: + Add patches: xrdp-cve-2020-4044-fix-0.patch xrdp-cve-2020-4044-fix-1.patch + Rebase SLE patch: xrdp-fate318398-change-expired-password.patch...
Fedora: Security Advisory for xrdp (FEDORA-2020-9666e4c9cd)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-4044
CVE-2020-4044 affects the xrdp SESSMAN component. The issue is a local buffer overflow in xrdp-sesman triggered by crafted traffic on port 3350, enabling an unprivileged attacker to crash the sesman process, impersonate sessions, and capture credentials; there is also a risk of hijacking xorgxrdp...
CVE-2020-4044 Local users can perform a buffer overflow attack against the xrdp-sesman service and then impersonate it
The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on port 3350. This wi...