9 matches found
SA44525 - 2020-07: Out-of-Cycle Advisory: Multiple Vulnerabilities in Apache Guacamole Software
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. This advisory provides information about the Apache Guacamole HTML5 Access vulnerabilities highlighted in CVE-2020-9498 and CVE-2020-9497. If a end user connects to a malicious or...
Mageia: Security Advisory (MGASA-2021-0272)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 32 : guacamole-server (2020-bfde0ab889)
Updated SPEC file and rebuilt for new dependencies. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 33 : guacamole-server (2020-640645e518)
Updated SPEC file and rebuilt for new dependencies. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Debian: Security Advisory (DLA-2435-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slack < 4.4.0 Remote Code Execution (Deprecated)
This plugin has been deprecated due to server side fixes. The version of the Slack Desktop installed on the remote host is prior to 4.4.0. It is, therefore, affected by a Remote Code Execution vulnerability. With any in-app redirect - logic/open redirect, HTML or javascript injection, it is...
CVE-2020-9497
Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or compromised RDP server, specially-craftedPDUs could result in disclosure of information within the memory ofthe guacd process handling the...
CVE-2020-9497
Apache Guacamole up to version 1.1.0 is affected by CVE-2020-9497 due to improper validation of data from RDP servers via static virtual channels, potentially allowing disclosure of memory in the guacd process when connecting to a malicious or compromised RDP server. Connected sources also refere...
CVE-2020-9497
creationtimestamp| type| source ---|---|--- 2020-07-02 12:02:20+00:00| seen| https://t.me/thehackernews/749 2020-07-05 21:09:55+00:00| seen| https://t.me/YemenShield/16 2020-07-08 03:48:03+00:00| seen| https://t.me/cKure/1146 2024-09-25 20:47:41+00:00| published-proof-of-concept|...