Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Privilege escalation on xrdp
Vulnerability Description
xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able to locally access a sesman server to execute code as root. This vulnerability has been patched in version 0.9.18.1 and above. Users are advised to upgrade. There are no known workarounds.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
整数下溢(超界折返)
Vulnerability Title
xrdp 数字错误漏洞
Vulnerability Description
xrdp是Neutrinolabs实验室的一款开源远程桌面协议服务器。 xrdp 中存在数字错误漏洞,该漏洞源于产品堆溢出的整数下溢允许任何能够本地访问sesman服务器的未经身份验证的攻击者以根身份执行代码。
CVSS Information
N/A
Vulnerability Type
N/A