Debian: Security Advisory (DLA-872-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-872-1 : xrdp security update

It was discovered that xrdp, a Remote Desktop Protocol RDP server, calls the PAM function authstartsession in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pamlimits....

[SECURITY] [DLA 872-1] xrdp security update

Package : xrdp Version : 0.5.0-2+deb7u1 CVE ID : CVE-2017-6967 Debian Bug : 858143 It was discovered that xrdp, a Remote Desktop Protocol RDP server, calls the PAM function authstartsession in an incorrect location, leading to PAM session modules not being properly initialized, with a potential...

CVE-2017-6967

xrdp 0.9.1 calls the PAM function authstartsession in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pamlimits.so bypass...

CVE-2017-6967

CVE-2017-6967 affects xrdp (v0.9.1) where PAM session modules are not properly initialized due to calling auth_start_session in the wrong place, potentially enabling privilege elevation or misconfiguration through pam_limits.so bypass. Public sources (Ubuntu USN-4815-1, SUSE/SLES advisories) indi...