 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.10.2023.0002 |
| Category: | Mageia Linux Local Security Checks |
| Title: | Mageia: Security Advisory (MGASA-2023-0002) |
| Summary: | The remote host is missing an update for the 'xrdp' package(s) announced via the MGASA-2023-0002 advisory. |
| Description: | Summary: The remote host is missing an update for the 'xrdp' package(s) announced via the MGASA-2023-0002 advisory. Vulnerability Insight: xrdp less than v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. (CVE-2022-23468) xrdp less than v0.9.21 contain a buffer over flow in audin_send_open() function. (CVE-2022-23477) xrdp less than v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. (CVE-2022-23478) xrdp less than v0.9.21 contain a buffer over flow in xrdp_mm_chan_data_in() function. (CVE-2022-23479) xrdp less than v0.9.21 contain a buffer over flow in devredir_proc_client_devlist_announce_req() function. (CVE-2022-23480) xrdp less than v0.9.21 contain a Out of Bound Read in xrdp_caps_process_confirm_active() function. (CVE-2022-23481) xrdp less than v0.9.21 contain a Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE() function. (CVE-2022-23482) xrdp less than v0.9.21 contain a Out of Bound Read in libxrdp_send_to_channel() function. (CVE-2022-23483) xrdp less than v0.9.21 contain a Integer Overflow in xrdp_mm_process_rail_update_window_text() function. (CVE-2022-23484) xrdp less than v0.9.21 contain a Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close() function. (CVE-2022-23493) Affected Software/OS: 'xrdp' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2022-23468 Debian Security Information: DSA-5502 (Google Search) https://www.debian.org/security/2023/dsa-5502 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-8c2f-mw8m-qpx6 Common Vulnerability Exposure (CVE) ID: CVE-2022-23477 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-hqw2-jx2c-wrr2 Common Vulnerability Exposure (CVE) ID: CVE-2022-23478 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-2f49-wwpm-78pj Common Vulnerability Exposure (CVE) ID: CVE-2022-23479 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-pgx2-3fjj-fqqh Common Vulnerability Exposure (CVE) ID: CVE-2022-23480 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-3jmx-f6hv-95wg Common Vulnerability Exposure (CVE) ID: CVE-2022-23481 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-hm75-9jcg-p7hq Common Vulnerability Exposure (CVE) ID: CVE-2022-23482 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-56pq-2pm9-7fhm Common Vulnerability Exposure (CVE) ID: CVE-2022-23483 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-38rw-9ch2-fcxq Common Vulnerability Exposure (CVE) ID: CVE-2022-23484 https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-rqfx-5fv8-q9c6 |
| Copyright | Copyright (C) 2023 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |