Vulnerabilities > Xrdp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-17 | CVE-2017-6967 | Improper Authentication vulnerability in Neutrinolabs Xrdp 0.9.1 xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass. | 7.5 |
| 2016-12-16 | CVE-2013-1430 | Credentials Management vulnerability in multiple products An issue was discovered in xrdp before 0.9.1. | 5.0 |
| 2009-01-15 | CVE-2008-5904 | Improper Input Validation vulnerability in Xrdp The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and earlier allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain length variables, leading to a buffer overflow. | 7.5 |
| 2009-01-15 | CVE-2008-5903 | Numeric Errors vulnerability in Xrdp Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via vectors that manipulate the value of the edit_pos structure member. | 7.5 |
| 2009-01-15 | CVE-2008-5902 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xrdp Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request. | 7.5 |