Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xrdp xrdp vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2008-5903
Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c in xrdp 0.4.1 and previous versions allows remote malicious users to execute arbitrary code via vectors that manipulate the value of the edit_pos structure member.
Xrdp Xrdp 0.3.2
Xrdp Xrdp 0.3.1
Xrdp Xrdp 0.3
Xrdp Xrdp
Xrdp Xrdp 0.4
755
VMScore
CVE-2008-5904
The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and previous versions allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain length variables, leading to a buffer overflow.
Xrdp Xrdp 0.3
Xrdp Xrdp 0.3.2
Xrdp Xrdp 0.3.1
Xrdp Xrdp
Xrdp Xrdp 0.4
1 EDB exploit
668
VMScore
CVE-2008-5902
Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and previous versions allows remote malicious users to execute arbitrary code via a crafted request.
Xrdp Xrdp
Xrdp Xrdp 0.4
Xrdp Xrdp 0.3.2
Xrdp Xrdp 0.3.1
Xrdp Xrdp 0.3
642
VMScore
CVE-2022-23613
xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able to locally access a sesman server to execute code as root. This vulnerability h...
Neutrinolabs Xrdp 0.9.17
Neutrinolabs Xrdp 0.9.18
Fedoraproject Fedora 34
Fedoraproject Fedora 35
409
VMScore
CVE-2020-4044
The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on p...
Neutrinolabs Xrdp
NA
CVE-2023-40184
xrdp is an open source remote desktop protocol (RDP) server. In versions before 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may ...
Neutrinolabs Xrdp
668
VMScore
CVE-2017-6967
xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass.
Neutrinolabs Xrdp 0.9.1
NA
CVE-2022-23468
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to ...
Neutrinolabs Xrdp
Debian Debian Linux 11.0
NA
CVE-2022-23477
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrad...
Neutrinolabs Xrdp
Debian Debian Linux 11.0
NA
CVE-2022-23478
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue...
Neutrinolabs Xrdp
Debian Debian Linux 11.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »