ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0016
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0016)
Resumen:	The remote host is missing an update for the 'xrdp' package(s) announced via the MGASA-2021-0016 advisory.
Descripción:	Summary: The remote host is missing an update for the 'xrdp' package(s) announced via the MGASA-2021-0016 advisory. Vulnerability Insight: Ashley Newson discovered that the XRDP sessions manager was susceptible to denial of service. A local attacker can further take advantage of this flaw to impersonate the XRDP sessions manager and capture any user credentials that are submitted to XRDP, approve or reject arbitrary login credentials or to hijack existing sessions for xorgxrdp sessions (CVE-2020-4044). Affected Software/OS: 'xrdp' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-4044 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-j9fv-6fwf-p3g4 Debian Security Information: DSA-4737 (Google Search) https://www.debian.org/security/2020/dsa-4737 https://github.com/neutrinolabs/xrdp/commit/0c791d073d0eb344ee7aaafd221513dc9226762c https://github.com/neutrinolabs/xrdp/releases/tag/v0.9.13.1 https://lists.debian.org/debian-lts-announce/2020/08/msg00015.html SuSE Security Announcement: openSUSE-SU-2020:0999 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00036.html SuSE Security Announcement: openSUSE-SU-2020:1200 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00037.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.