60 matches found
Astra Linux - уязвимость в xrdp
xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. Version 0.9.21 and earlier of xrdp contains a buffer overflow vulnerability in the xrdpmmtransprocessdrdynvcchannelopen function. There are no known solutions to this...
Astra Linux - уязвимость в xrdp
xrdp is an open-source project that provides a graphical login interface for accessing remote machines using the Microsoft Remote Desktop Protocol RDP. Version 0.9.21 and earlier of xrdp contains a buffer overflow in the xrdpmmchandatain function. There are no known solutions to this issue. Users...
Astra Linux – Vulnerability in xrdp
xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contains an out-of-bound read vulnerability in the xrdpcapsprocessconfirm-active function. There are no known workarounds for this issue. Users are advis...
Astra Linux - уязвимость в xrdp
xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. Version 0.9.21 and earlier of xrdp contains a buffer overflow in the devredirprocclientdevlistannouncereq function. There are no known workarounds for this issue. Use...
Astra Linux – Vulnerability in xrdp
xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp versions prior to 0.9.21 contain a “Out of Bound Read” vulnerability in the xrdpsecprocessmcsdataCSCORE function. There are no known workarounds for this issue...
Astra Linux – Vulnerability in xrdp
xrdp is an open-source project that provides a graphical login interface to remote machines using the Microsoft Remote Desktop Protocol RDP. Version 0.9.21 and earlier of xrdp contain an integer overflow in the xrdpmmprocessrailupdatewindowtext function. There are no known solutions to this issue...
Astra Linux – Vulnerability in xrdp
xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contains a “Out of Bound Read” issue in the xrdpmmtransprocessdrdynvcchannelclose function. There are no known solutions to this problem. Users are advis...
Astra Linux – Vulnerability in xrdp
XRDPT is an open-source remote desktop protocol RDP server. In versions prior to 0.9.23, improper handling of session establishment errors allowed bypassing OS-level session restrictions. The authstartsession function could return a non-zero value 1 in the event of, for example, PAM errors. This...
Astra Linux – Vulnerability in xrdp
XRDPTRP is an open-source remote desktop protocol server. Access to the font glyphs in xrdppainter.c is not bounded. Since some of this data is controllable by the user, this can lead to an out-of-bounds read within the xrdp executable. The vulnerability allows for an out-of-bounds read within a...
Astra Linux – Vulnerability in xrdp
XRDPT is an open-source remote desktop protocol RDP server. In affected versions, an integer underflow leading to a heap overflow in the SESMAN server allows any unauthenticated attacker who can access the SESMAN server locally to execute code as root. This vulnerability has been patched in versi...
SUSE CVE-2026-33689
xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability in the pre-authentication RDP message parsing logic. A remote, unauthenticated attacker can trigger this flaw by sending a specially crafted sequence of packets during the initial connection phase...
CVE-2026-33516
A flaw was found in xrdp, an open-source Remote Desktop Protocol RDP server. A remote, unauthenticated attacker can exploit an out-of-bounds read vulnerability by sending a specially crafted Confirm Active PDU during the RDP capability exchange. This issue occurs when memory is accessed without...
Linux Distros Unpatched Vulnerability : CVE-2026-33145
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling...
Linux Distros Unpatched Vulnerability : CVE-2026-33516
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. Versions through 0.10.5 contain an out-of-bounds read vulnerability during the RDP capability exchange phase. The issue occur...
Linux Distros Unpatched Vulnerability : CVE-2026-32107
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop proces...
Linux Distros Unpatched Vulnerability : CVE-2026-32623
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP...
Linux Distros Unpatched Vulnerability : CVE-2026-33689
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability in the pre-authentication RDP message parsing logic. A remot...
CVE-2026-33145
xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...
DEBIAN-CVE-2026-33145
xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...
CVE-2026-32105
xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code MAC signature of encrypted RDP packets when using the "Classic RDP Security" layer. While the sender correctly generates signatures, the receiving logic lacks th...