Lucene search
Veracode Vulnerability DatabaseVERACODE:28434HistoryDec 06, 2020 - 4:35 a.m.
Information Disclosure
2020-12-0604:35:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
xrdp
vulnerability
information disclosure
user passwords
decryption
EPSS
0.004
Percentile
73.7%
xrdp is vulnerable to information disclosure. The vulnerability exists through the successful logging to RDP into an xrdp session, the file ~/.vnc/sesman_${username}passwd uses a known key to store session passwords in text files. Allows an attacker to decrypt the file and obtain a user password.
Related
openvas
openvas
Fedora Update for xrdp FEDORA-2017-8fffbae8af
2017-02-24 00:00:00
Fedora Update for xrdp FEDORA-2017-05e32fe278
2017-03-03 00:00:00
SUSE Linux Enterprise Server: Security Advisory (SUSE-SU-2019:1860-1)
2021-04-19 00:00:00
debiancve
debiancve
CVE-2013-1430
2016-12-16 09:59:00
cvelist
cvelist
CVE-2013-1430
2016-12-16 09:02:00
nvd
nvd
CVE-2013-1430
2016-12-16 09:59:00
prion
prion
Default credentials
2016-12-16 09:59:00
fedora
fedora
[SECURITY] Fedora 24 Update: xrdp-0.9.1-5.fc24
2017-03-03 03:51:05
[SECURITY] Fedora 25 Update: xrdp-0.9.1-5.fc25
2017-02-23 18:55:08
ubuntucve
ubuntucve
CVE-2013-1430
2016-12-16 00:00:00
nessus
nessus
Fedora 25 : 1:xrdp (2017-8fffbae8af)
2017-02-24 00:00:00
Fedora 24 : 1:xrdp (2017-05e32fe278)
2017-03-03 00:00:00
SUSE SLED12 / SLES12 Security Update : xrdp (SUSE-SU-2019:1847-1)
2019-07-16 00:00:00
cve
cve
CVE-2013-1430
2016-12-16 09:59:00
osv
osv
libpainter0-0.9.15-2.2 on GA media
2024-06-15 00:00:00