PT-2018-9576 · Freerdp+6 · Freerdp+6

Akallabeth · Published 2018-12-20 · Updated 2024-06-15 · CVE-2018-1000852

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Name of the Vulnerable Software and Affected Versions

FreeRDP versions prior to the commit with ID 205c612820dac644d665b5bb1cdf437dc5ca01e3

Description

The issue allows an RDP server to read the client's memory. This can occur when the client connects to the RDP server with the echo option. The vulnerability is located in the drdynvc_process_capability_request function in the channels/drdynvc/client/drdynvc_main.c file.

Recommendations

To resolve the issue, update FreeRDP to a version after the commit with ID 205c612820dac644d665b5bb1cdf437dc5ca01e3. As a temporary workaround, consider avoiding the use of the echo option when connecting to RDP servers until a patch is available. Restrict access to the drdynvc_process_capability_request function in the drdynvc_main.c file to minimize the risk of exploitation.

Exploit

Fix

Out of bounds Read

Weakness Enumeration

Related Identifiers

ALT-PU-2020-1941
ALT-PU-2020-1960
CESA-2019_2157
CVE-2018-1000852
OPENSUSE-SU-2019:0325-1
OPENSUSE-SU-2019_0096-1
OPENSUSE-SU-2019_0325-1
OPENSUSE-SU-2024:10768-1
RHSA-2019:2157
RHSA-2019_2157
SUSE-SU-2019:0134-1
SUSE-SU-2019:0539-1
SUSE-SU-2020:2272-1
USN-4379-1

Affected Products

Alt Linux
Centos
Freerdp
Linuxmint
Red Hat
Suse
Ubuntu