Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
neutrinolabs xrdp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-23484
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Integer Overflow in xrdp_mm_process_rail_update_window_text() function. There are no known workarounds for this issue. Use...
Neutrinolabs Xrdp
Debian Debian Linux 11.0
NA
CVE-2022-23493
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close() function. There are no known workarounds for this issue...
Neutrinolabs Xrdp
Debian Debian Linux 11.0
642
VMScore
CVE-2022-23613
xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able to locally access a sesman server to execute code as root. This vulnerability h...
Neutrinolabs Xrdp 0.9.17
Neutrinolabs Xrdp 0.9.18
Fedoraproject Fedora 34
Fedoraproject Fedora 35
409
VMScore
CVE-2020-4044
The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on p...
Neutrinolabs Xrdp
641
VMScore
CVE-2017-16927
The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp up to and including 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecifie...
Neutrinolabs Xrdp
Debian Debian Linux 7.0
668
VMScore
CVE-2017-6967
xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass.
Neutrinolabs Xrdp 0.9.1
445
VMScore
CVE-2013-1430
An issue exists in xrdp prior to 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.
Neutrinolabs Xrdp
Debian Debian Linux 7.0
Debian Debian Linux 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2