Download
| Alert*
oval:org.secpod.oval:def:89003046
This update for xrdp fixes the following issues: Security issues fixed: - CVE-2013-1430: When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd was created. Its content was the equivalent of the user"s cleartext password, DES encrypted with a known key ... oval:org.secpod.oval:def:89003230 This update for xrdp fixes the following issues: These security issues were fixed: - CVE-2013-1430: When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd was created. Its content was the equivalent of the user"s cleartext password, DES encrypted with ... oval:org.secpod.oval:def:113837 xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client. oval:org.secpod.oval:def:113744 xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client. oval:org.secpod.oval:def:113722 xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client. oval:org.secpod.oval:def:113734 xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client. oval:org.secpod.oval:def:113878 xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client. oval:org.secpod.oval:def:1900285 The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length,which allows local users to cause a denial of service or possibly have unspecified other impact via a crafted input stream. |