Lucene search
Veracode Vulnerability DatabaseVERACODE:28391HistoryDec 06, 2020 - 4:20 a.m.
Escalation Of Privilege
2020-12-0604:20:20
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.002 Low
EPSS
Percentile
56.6%
xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass.
| CPE | Name | Operator | Version |
|---|---|---|---|
| xrdp:stretch | eq | 0.9.1-9+deb9u3 | |
| xrdp:stretch | eq | 0.9.1-9+deb9u3 |
Related
cve
cve
CVE-2017-6967
2017-03-17 09:59:00
openvas
openvas
Debian: Security Advisory (DLA-872-1)
2018-01-11 00:00:00
Fedora Update for xrdp FEDORA-2017-7bd002b77c
2017-04-18 00:00:00
Fedora Update for xrdp FEDORA-2017-8eac23007d
2017-04-18 00:00:00
ubuntucve
ubuntucve
CVE-2017-6967
2017-03-17 00:00:00
osv
osv
CVE-2017-6967
2017-03-17 09:59:00
xrdp - security update
2017-03-27 00:00:00
xrdp vulnerabilities
2021-03-15 21:50:35
nessus
nessus
Fedora 26 : 1:xrdp / xorgxrdp (2017-fc634e7ee7)
2017-07-17 00:00:00
Fedora 25 : 1:xrdp / xorgxrdp (2017-7bd002b77c)
2017-04-17 00:00:00
Fedora 24 : 1:xrdp / xorgxrdp (2017-8eac23007d)
2017-04-17 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: xorgxrdp-0.2.1-1.fc26
2017-04-13 14:09:05
[SECURITY] Fedora 25 Update: xorgxrdp-0.2.1-1.fc25
2017-04-16 20:24:14
[SECURITY] Fedora 24 Update: xrdp-0.9.2-5.fc24
2017-04-16 19:19:57
prion
prion
Design/Logic Flaw
2017-03-17 09:59:00
cvelist
cvelist
CVE-2017-6967
2017-03-17 08:55:00
debian
debian
[SECURITY] [DLA 872-1] xrdp security update
2017-03-27 08:18:21
debiancve
debiancve
CVE-2017-6967
2017-03-17 09:59:00
nvd
nvd
CVE-2017-6967
2017-03-17 09:59:00
ubuntu
ubuntu
xrdp vulnerabilities
2021-03-15 00:00:00