CVE-2024-39917 – xrdp allows an ininite number of login attempts
https://notcve.org/view.php?id=CVE-2024-39917
xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configuration parameter `MaxLoginRetry` in `/etc/xrdp/sesman.ini`. However, this mechanism was not effectively working. As a result, xrdp allows an infinite number of login attempts. • https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-7w22-h4w7-8j5j https://github.com/neutrinolabs/xrdp/commit/19c111c74c913ecc6e4ba9a738ed929a79d2ae8f • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVE-2023-42822 – Unchecked access to font glyph info in xrdp
https://notcve.org/view.php?id=CVE-2023-42822
xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-bounds read within a potentially privileged process. On non-Debian platforms, xrdp tends to run as root. • https://github.com/neutrinolabs/xrdp/commit/73acbe1f7957c65122b00de4d6f57a8d0d257c40 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-2hjx-rm4f-r9hw https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5FPGA4M7IYCP7OILDF2ZJEVSXUOFEFQ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFGL22QQF65OIZRMCKUZCVJQCKGUBRYE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTXODUR4ILM7ZPA6ZGY6VSK4BBSBMKGY • CWE-125: Out-of-bounds Read •
CVE-2023-40184 – Improper handling of session establishment errors in xrdp
https://notcve.org/view.php?id=CVE-2023-40184
xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may result in in session restrictions such as max concurrent sessions per user by PAM (ex ./etc/security/limits.conf) to be bypassed. Users (administrators) don't use restrictions by PAM are not affected. • https://github.com/neutrinolabs/xrdp/blame/9bbb2ec68f390504c32f2062847aa3d821a0089a/sesman/sesexec/session.c#L571C5-L571C19 https://github.com/neutrinolabs/xrdp/commit/a111a0fdfe2421ef600e40708b5f0168594cfb23 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-f489-557v-47jq https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SOT237TIHTHPX5YNIWLVNINOEYC7WMG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5IXMQODV3OIJ7DRQBUQV7PUKNT7SH36 https://lists.fedoraproject.org& • CWE-755: Improper Handling of Exceptional Conditions •
CVE-2022-23477 – Buffer Overflow in xrdp
https://notcve.org/view.php?id=CVE-2022-23477
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrade. xrdp es un proyecto de código abierto que proporciona un inicio de sesión gráfico para máquinas remotas utilizando Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contiene un flujo del búfer desbordado en la función auditin_send_open(). No se conocen workarounds para este problema. Se recomienda a los usuarios que actualicen. • https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-hqw2-jx2c-wrr2 https://www.debian.org/security/2023/dsa-5502 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2022-23484 – Integer Overflow in xrdp
https://notcve.org/view.php?id=CVE-2022-23484
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Integer Overflow in xrdp_mm_process_rail_update_window_text() function. There are no known workarounds for this issue. Users are advised to upgrade. xrdp es un proyecto de código abierto que proporciona un inicio de sesión gráfico para máquinas remotas utilizando Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contiene un desbordamiento de enteros en la función xrdp_mm_process_rail_update_window_text(). No se conocen workarounds para este problema. Se recomienda a los usuarios que actualicen. • https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-rqfx-5fv8-q9c6 https://www.debian.org/security/2023/dsa-5502 • CWE-190: Integer Overflow or Wraparound •