Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Local users can perform a buffer overflow attack against the xrdp-sesman service and then impersonate it
Vulnerability Description
The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on port 3350. This will allow them to capture any user credentials that are submitted to XRDP and approve or reject arbitrary login credentials. For xorgxrdp sessions in particular, this allows an unauthorized user to hijack an existing session. This is a buffer overflow attack, so there may be a risk of arbitrary code execution as well.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
xrdp-sesman service 缓冲区错误漏洞
Vulnerability Description
xrdp-sesman service是一款开源的RDP(远程桌面协议)服务器。 xrdp-sesman service 0.9.13.1之前版本中存在缓冲区错误漏洞。远程攻击者可通过连接3350端口并提供恶意的payload利用该漏洞在系统上执行任意代码或导致应用程序崩溃(拒绝服务)。
CVSS Information
N/A
Vulnerability Type
N/A