Published: 09/12/2022 Updated: 24/10/2023

CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9

VMScore: 0

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE() function. There are no known workarounds for this issue. Users are advised to upgrade.

Vulnerable Product	Search on Vulmon	Subscribe to Product
neutrinolabs xrdp
debian debian linux 11.0

Debian Bug report logs - #1025879 xrdp: CVE-2022-23468 CVE-2022-23477 CVE-2022-23478 CVE-2022-23479 CVE-2022-23480 CVE-2022-23481 CVE-2022-23482 CVE-2022-23483 CVE-2022-23484 CVE-2022-23493 Package: src:xrdp; Maintainer for src:xrdp is Debian Remote Maintainers <debian-remote@listsdebianorg>; Reported by: Salvatore Bonaccor ...

Multiple security vulnerabilities have been found in xrdp, a remote desktop protocol server Buffer overflows and out-of-bound writes may cause a denial of service or other unspecified impact For the oldstable distribution (bullseye), these problems have been fixed in version 09211-1~deb11u1 We recommend that you upgrade your xrdp packages Fo ...

CWE-125 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-56pq-2pm9-7fhm https://www.debian.org/security/2023/dsa-5502 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025879 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5502

CVE-2022-23482

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect