Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2021.0016
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2021-0016)
Zusammenfassung:	The remote host is missing an update for the 'xrdp' package(s) announced via the MGASA-2021-0016 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'xrdp' package(s) announced via the MGASA-2021-0016 advisory. Vulnerability Insight: Ashley Newson discovered that the XRDP sessions manager was susceptible to denial of service. A local attacker can further take advantage of this flaw to impersonate the XRDP sessions manager and capture any user credentials that are submitted to XRDP, approve or reject arbitrary login credentials or to hijack existing sessions for xorgxrdp sessions (CVE-2020-4044). Affected Software/OS: 'xrdp' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2020-4044 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-j9fv-6fwf-p3g4 Debian Security Information: DSA-4737 (Google Search) https://www.debian.org/security/2020/dsa-4737 https://github.com/neutrinolabs/xrdp/commit/0c791d073d0eb344ee7aaafd221513dc9226762c https://github.com/neutrinolabs/xrdp/releases/tag/v0.9.13.1 https://lists.debian.org/debian-lts-announce/2020/08/msg00015.html SuSE Security Announcement: openSUSE-SU-2020:0999 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00036.html SuSE Security Announcement: openSUSE-SU-2020:1200 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00037.html
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.