Source: xrdp
Version: CVE-2020-4044
Severity: grave
Tags: security upstream
Hi,

The following vulnerability was published for xrdp.

CVE-2020-4044[0]:
| The xrdp-sesman service before version 0.9.13.1 can be crashed by
| connecting over port 3350 and supplying a malicious payload. Once the
| xrdp-sesman process is dead, an unprivileged attacker on the server
| could then proceed to start their own imposter sesman service
| listening on port 3350. This will allow them to capture any user
| credentials that are submitted to XRDP and approve or reject arbitrary
| login credentials. For xorgxrdp sessions in particular, this allows an
| unauthorized user to hijack an existing session. This is a buffer
| overflow attack, so there may be a risk of arbitrary code execution as
| well.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-4044
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4044
[1] https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-j9fv-6fwf-p3g4
[2] https://github.com/neutrinolabs/xrdp/commit/e593f58a82bf79b556601ae08e9e25e366a662fb

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
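The advisory quoted above hinges on one detail: port 3350 is an unprivileged port, so once the real xrdp-sesman has been crashed, any local account can bind it and impersonate the daemon. The script below is an added example written for this page; it is not part of the bug report, the Debian security tracker or the xrdp project. It is a host check that flags a LISTEN socket on 3350 owned by a non-root uid (or no listener at all) by reading the socket owner column of Linux's /proc/net/tcp. It assumes a Linux host, the standard /proc/net/tcp column layout, that the genuine xrdp-sesman runs as root, and that it listens on IPv4; the sample tables embedded in it are constructed, not captured from a real system.

```python
"""
Detector for the "imposter sesman" condition described in CVE-2020-4044.

xrdp-sesman listens on TCP port 3350. That port is above 1024, so once the
real daemon has been crashed, any local account can bind it and impersonate
sesman. The genuine daemon is assumed to run as root, so a LISTEN socket on
3350 owned by any other uid, or no listener at all, is worth an alert. The
owner uid is a column of /proc/net/tcp on Linux, so the check needs neither
root nor ptrace.
"""
from dataclasses import dataclass

SESMAN_PORT = 3350      # port named in the advisory
TCP_LISTEN = "0A"       # 'st' column value for LISTEN in /proc/net/tcp
EXPECTED_UID = 0        # assumption: xrdp-sesman runs as root


@dataclass
class Listener:
    port: int
    uid: int
    inode: int


def parse_proc_net_tcp(text: str) -> list:
    """Return every LISTEN socket in a /proc/net/tcp (or tcp6) table.

    Column layout, whitespace separated:
      sl local_address rem_address st tx_queue:rx_queue tr:tm->when
      retrnsmt uid timeout inode ...
    local_address is "HEXADDR:HEXPORT".
    """
    found = []
    for line in text.splitlines()[1:]:          # first line is the header
        fields = line.split()
        if len(fields) < 10:
            continue
        local, state, uid, inode = fields[1], fields[3], fields[7], fields[9]
        if state != TCP_LISTEN:
            continue
        port = int(local.rsplit(":", 1)[1], 16)
        found.append(Listener(port=port, uid=int(uid), inode=int(inode)))
    return found


def check_sesman_listener(listeners) -> str:
    """Classify port 3350: 'ok', 'imposter' or 'absent'."""
    on_port = [l for l in listeners if l.port == SESMAN_PORT]
    if not on_port:
        return "absent"       # daemon dead or not running: port is up for grabs
    if any(l.uid != EXPECTED_UID for l in on_port):
        return "imposter"     # non-root process holds the sesman port
    return "ok"


# Constructed sample tables (not captured from a real host). Port 3350 is
# 0x0D16; 0100007F is 127.0.0.1 in the kernel's little-endian hex form.
HEADER = ("  sl  local_address rem_address   st tx_queue rx_queue tr tm->when "
          "retrnsmt   uid  timeout inode")
SAMPLE_GENUINE = HEADER + "\n" + (
    "   0: 0100007F:0D16 00000000:0000 0A 00000000:00000000 00:00000000 "
    "00000000     0        0 23456 1 0000000000000000 100 0 0 10 0")
SAMPLE_IMPOSTER = HEADER + "\n" + (
    "   0: 0100007F:0D16 00000000:0000 0A 00000000:00000000 00:00000000 "
    "00000000  1000        0 34567 1 0000000000000000 100 0 0 10 0")
SAMPLE_DEAD = HEADER + "\n" + (
    # only an ESTABLISHED (01) socket on another port; nothing listens on 3350
    "   0: 0100007F:0016 0100007F:C1A4 01 00000000:00000000 00:00000000 "
    "00000000     0        0 45678 1 0000000000000000 20 4 30 10 -1")


def check_live_host(path: str = "/proc/net/tcp") -> str:
    """Run the check against the running Linux kernel's socket table."""
    with open(path) as fh:
        return check_sesman_listener(parse_proc_net_tcp(fh.read()))


if __name__ == "__main__":
    for name, table in (("genuine", SAMPLE_GENUINE),
                        ("imposter", SAMPLE_IMPOSTER),
                        ("dead", SAMPLE_DEAD)):
        print(f"{name}: {check_sesman_listener(parse_proc_net_tcp(table))}")
```

Two caveats when using this as a real check: if sesman is configured to listen on IPv6, feed /proc/net/tcp6 through the same parser as well, and the uid test only catches the unprivileged attacker the advisory describes; a listener owned by root still has to be matched against the expected process (for instance by resolving the socket inode through /proc/<pid>/fd) to be sure it is the genuine xrdp-sesman.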