
Holy Guacamole! Researchers find Apache remote desktop software was silently pwnable for snooping on sessions
2020-07-02 22:05

The Apache Project's popular Guacamole open-source remote desktop software contained vulns allowing remote attackers to steal login creds and hijack targeted machines, researchers have said.

The Apache Foundation has issued patches for Guacamole following Check Point's research, which resulted in two CVEs.

The researchers found that these could be chained with a privilege escalation vuln in the guacd Guacamole process.

After hijacking a guacd instance on the compromised server, the researchers noticed that new Guacamole connections were spawned using fork() - without using execve().
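To show why the fork()-without-execve() pattern matters, here is an added C demo that is not Guacamole code and not from the article: a child that is forked but never exec'd reports the same code, stack and heap addresses as its parent, so ASLR gives every new connection the identical layout, whereas re-executing after fork would give each child fresh randomisation. The struct and function names are this example's own.

```c
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Hypothetical demo: three address-space landmarks. Under ASLR a freshly
 * execve()d process gets new values for each, but a fork()ed child that
 * never calls execve() inherits the parent's copies unchanged. */
struct layout { void *text; void *stack; void *heap; };

static void sample_layout(struct layout *l) {
    int local = 0;
    l->text  = (void *)sample_layout;  /* code segment */
    l->stack = (void *)&local;         /* stack */
    l->heap  = malloc(16);             /* heap; released at process exit */
}

/* Fork, let the child report its layout over a pipe, and compare it with
 * the parent's own sample taken at the same point from identical state.
 * Returns 1 when every landmark matches (no re-randomisation took place),
 * 0 when any differs, -1 on a system error. */
int fork_preserves_layout(void) {
    int fd[2];
    if (pipe(fd) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                       /* child: sample and send */
        struct layout child;
        sample_layout(&child);
        if (write(fd[1], &child, sizeof child) < 0) _exit(1);
        _exit(0);
    }
    struct layout parent, child;
    sample_layout(&parent);               /* parent: same call depth, same heap */
    close(fd[1]);
    ssize_t n = read(fd[0], &child, sizeof child);
    close(fd[0]);
    waitpid(pid, NULL, 0);
    if (n != (ssize_t)sizeof child) return -1;
    return parent.text == child.text && parent.stack == child.stack
        && parent.heap == child.heap;
}

int main(void) {
    /* exit status 0 means the forked child kept the parent's layout */
    return fork_preserves_layout() == 1 ? 0 : 1;
}
```

A service that forks a per-connection worker can avoid this by exec'ing (for example re-executing its own binary) after fork, so each worker is randomised independently.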

Omri Herscovici, vulnerability research team leader at Check Point, said in a statement: "While the global transition to remote work is a necessity, we cannot neglect the security implications of such remote connections, especially as we enter the post-coronavirus era."

News URL

https://go.theregister.com/feed/www.theregister.com/2020/07/02/apache_guacamole_vulns_hijackable_rdp/
