5 matches found
The vulnerability of the authentication mechanism of the XRDP remote access tool, which allows an intruder to gain unauthorized access
The vulnerability of the XRDP remote access authentication mechanism is related to deficiencies in the retry limit for authentication attempts, which is controlled by the MaxLoginRetry parameter set in the configuration file /etc/xrdp/sesman.ini. Exploiting this vulnerability allows a malicious...
CVE-2024-39917
xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configuration parameter MaxLoginRetry in /etc/xrdp/sesman.ini. However, this...
CVE-2024-39917
CVE-2024-39917 affects the xrdp project (RDP server). The issue occurs in xrdp versions prior to 0.10.0 where the MaxLoginRetry setting in /etc/xrdp/sesman.ini does not hard limit login attempts, allowing an infinite number of attempts. Public documents classify the vulnerability as high/critical...
CVE-2024-39917
xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configuration parameter MaxLoginRetry in /etc/xrdp/sesman.ini. However, this...
PT-2024-9098
Name of the Vulnerable Software and Affected Versions: xrdp versions prior to 0.10.0 Description: xrdp is an open source RDP server that has a vulnerability allowing attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configurati...