Metalefty

#10436of 53,608
26.5Total CVSS
Vulnerabilities · 3
Medium
1
High
1
Critical
1
PT-2023-5611
6.5
2023-09-27
Debian · Debian · CVE-2023-42822
**Name of the Vulnerable Software and Affected Versions** xrdp versions prior to 0.9.23.1 **Description** The issue is related to an out-of-bounds read within the xrdp executable due to unbounds-checked access to font glyphs in xrdp painter.c. This can result in an out-of-bounds read within a potentially privileged process, and on non-Debian platforms, xrdp tends to run as root. Potentially, an out-of-bounds write can follow the out-of-bounds read. There is no denial-of-service impact if xrdp is running in forking mode. **Recommendations** To resolve the issue, upgrade to release 0.9.23.1 or later. As a temporary workaround, consider restricting access to the xrdp painter.c component until a patch is available. Avoid using controllable data by the user in the affected xrdp executable until the issue is resolved.
PT-2022-5893
10
2022-12-09
Xrdp · Xrdp · CVE-2022-23479
**Name of the Vulnerable Software and Affected Versions** xrdp versions prior to 0.9.21 **Description** The issue is related to a buffer overflow in the `xrdp mm chan data in()` function, which can be exploited by a remote attacker to execute arbitrary code. This is due to the lack of size checking for input data, allowing for buffer copying without proper validation. There are no known workarounds for this issue. **Recommendations** For versions prior to 0.9.21, users are advised to upgrade to a version that contains the fix for this issue. As a temporary workaround, consider disabling the `xrdp mm chan data in()` function until a patch is available.
PT-2022-5896
10
2022-12-09
Xrdp · Xrdp · CVE-2022-23468
**Name of the Vulnerable Software and Affected Versions** xrdp versions prior to 0.9.21 **Description** The issue is related to a buffer overflow in the `xrdp login wnd create()` function of the xrdp server, which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). This buffer overflow is caused by the lack of input size validation, allowing a remote attacker to potentially execute arbitrary code. There are no known workarounds for this issue. **Recommendations** To resolve the issue, users are advised to upgrade to a version of xrdp that is 0.9.21 or later. As a temporary workaround, consider disabling the `xrdp login wnd create()` function until a patch is available. However, the most effective solution is to upgrade to the latest version of xrdp.