Vulmon
xrdp vulnerabilities and exploits
7.5
CVSSv2
CVE-2008-5904
The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and previous versions allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain length variables, leading to a buffer overflow.
Xrdp Xrdp 0.3
Xrdp Xrdp 0.3.2
Xrdp Xrdp 0.3.1
Xrdp Xrdp
Xrdp Xrdp 0.4
1 EDB exploit
7.5
CVSSv2
CVE-2008-5902
Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and previous versions allows remote malicious users to execute arbitrary code via a crafted request.
Xrdp Xrdp
Xrdp Xrdp 0.4
Xrdp Xrdp 0.3.2
Xrdp Xrdp 0.3.1
Xrdp Xrdp 0.3
7.5
CVSSv2
CVE-2008-5903
Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c in xrdp 0.4.1 and previous versions allows remote malicious users to execute arbitrary code via vectors that manipulate the value of the edit_pos structure member.
Xrdp Xrdp 0.3.2
Xrdp Xrdp 0.3.1
Xrdp Xrdp 0.3
Xrdp Xrdp
Xrdp Xrdp 0.4
7.2
CVSSv2
CVE-2022-23613
xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker who is able to locally access a sesman server to execute code as root. This vulnerability h...
Neutrinolabs Xrdp 0.9.17
Neutrinolabs Xrdp 0.9.18
Fedoraproject Fedora 34
Fedoraproject Fedora 35
NA
CVE-2023-40184
xrdp is an open source remote desktop protocol (RDP) server. In versions before 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may ...
Neutrinolabs Xrdp
4.6
CVSSv2
CVE-2020-4044
The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on p...
Neutrinolabs Xrdp
7.5
CVSSv2
CVE-2017-6967
xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass.
Neutrinolabs Xrdp 0.9.1
NA
CVE-2022-23478
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains an out-of-bounds write in the xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue...
Neutrinolabs Xrdp
Debian Debian Linux 11.0
NA
CVE-2022-23483
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains an out-of-bounds read in the libxrdp_send_to_channel() function. There are no known workarounds for this issue. Users are advised ...
Neutrinolabs Xrdp
Debian Debian Linux 11.0
1 Github repository
NA
CVE-2022-23477
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains a buffer overflow in the audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrad...
Neutrinolabs Xrdp
Debian Debian Linux 11.0