Huawei EulerOS Local Security Checks : Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2019-2455)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.2.2019.2455

Categoría: Huawei EulerOS Local Security Checks

Título: Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2019-2455)

Resumen: The remote host is missing an update for the Huawei EulerOS 'freerdp' package(s) announced via the EulerOS-SA-2019-2455 advisory.

Descripción: Summary:
The remote host is missing an update for the Huawei EulerOS 'freerdp' package(s) announced via the EulerOS-SA-2019-2455 advisory.

Vulnerability Insight:
FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished.(CVE-2013-4119)

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.(CVE-2018-1000852)

FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.(CVE-2013-4118)

Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.(CVE-2014-0250)

Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet.(CVE-2014-0791)

An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to trigger this vulnerability.(CVE-2017-2835)

An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2836)

An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2837)

An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2838)

An exploitable denial of service ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'freerdp' package(s) on Huawei EulerOS V2.0SP2.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-4118
BugTraq ID: 61072
http://www.securityfocus.com/bid/61072
http://www.openwall.com/lists/oss-security/2013/07/11/12
http://www.openwall.com/lists/oss-security/2013/07/12/2
SuSE Security Announcement: openSUSE-SU-2016:2400 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-09/msg00101.html
SuSE Security Announcement: openSUSE-SU-2016:2402 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-09/msg00102.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4119
Common Vulnerability Exposure (CVE) ID: CVE-2014-0250
BugTraq ID: 67670
http://www.securityfocus.com/bid/67670
http://security.gentoo.org/glsa/glsa-201412-18.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2015:171
https://github.com/FreeRDP/FreeRDP/issues/1871
http://seclists.org/oss-sec/2014/q2/365
SuSE Security Announcement: openSUSE-SU-2014:0862 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-07/msg00008.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-0791
https://bugzilla.redhat.com/show_bug.cgi?id=998941
https://github.com/FreeRDP/FreeRDP/pull/1649
https://github.com/sidhpurwala-huzaifa/FreeRDP/commit/e2745807c4c3e0a590c0f69a9b655dc74ebaa03e
https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html
http://openwall.com/lists/oss-security/2014/01/02/5
http://openwall.com/lists/oss-security/2014/01/03/4
Common Vulnerability Exposure (CVE) ID: CVE-2017-2835
Debian Security Information: DSA-3923 (Google Search)
https://www.debian.org/security/2017/dsa-3923
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0337
Common Vulnerability Exposure (CVE) ID: CVE-2017-2836
BugTraq ID: 99942
http://www.securityfocus.com/bid/99942
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0338
Common Vulnerability Exposure (CVE) ID: CVE-2017-2837
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0339
Common Vulnerability Exposure (CVE) ID: CVE-2017-2838
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0340
Common Vulnerability Exposure (CVE) ID: CVE-2017-2839
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0341

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.2.2019.2455
Categoría:	Huawei EulerOS Local Security Checks
Título:	Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2019-2455)
Resumen:	The remote host is missing an update for the Huawei EulerOS 'freerdp' package(s) announced via the EulerOS-SA-2019-2455 advisory.
Descripción:	Summary: The remote host is missing an update for the Huawei EulerOS 'freerdp' package(s) announced via the EulerOS-SA-2019-2455 advisory. Vulnerability Insight: FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished.(CVE-2013-4119) FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.(CVE-2018-1000852) FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.(CVE-2013-4118) Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.(CVE-2014-0250) Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet.(CVE-2014-0791) An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to trigger this vulnerability.(CVE-2017-2835) An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2836) An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2837) An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.(CVE-2017-2838) An exploitable denial of service ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'freerdp' package(s) on Huawei EulerOS V2.0SP2. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4118 BugTraq ID: 61072 http://www.securityfocus.com/bid/61072 http://www.openwall.com/lists/oss-security/2013/07/11/12 http://www.openwall.com/lists/oss-security/2013/07/12/2 SuSE Security Announcement: openSUSE-SU-2016:2400 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-09/msg00101.html SuSE Security Announcement: openSUSE-SU-2016:2402 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-09/msg00102.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4119 Common Vulnerability Exposure (CVE) ID: CVE-2014-0250 BugTraq ID: 67670 http://www.securityfocus.com/bid/67670 http://security.gentoo.org/glsa/glsa-201412-18.xml http://www.mandriva.com/security/advisories?name=MDVSA-2015:171 https://github.com/FreeRDP/FreeRDP/issues/1871 http://seclists.org/oss-sec/2014/q2/365 SuSE Security Announcement: openSUSE-SU-2014:0862 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-07/msg00008.html Common Vulnerability Exposure (CVE) ID: CVE-2014-0791 https://bugzilla.redhat.com/show_bug.cgi?id=998941 https://github.com/FreeRDP/FreeRDP/pull/1649 https://github.com/sidhpurwala-huzaifa/FreeRDP/commit/e2745807c4c3e0a590c0f69a9b655dc74ebaa03e https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html http://openwall.com/lists/oss-security/2014/01/02/5 http://openwall.com/lists/oss-security/2014/01/03/4 Common Vulnerability Exposure (CVE) ID: CVE-2017-2835 Debian Security Information: DSA-3923 (Google Search) https://www.debian.org/security/2017/dsa-3923 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0337 Common Vulnerability Exposure (CVE) ID: CVE-2017-2836 BugTraq ID: 99942 http://www.securityfocus.com/bid/99942 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0338 Common Vulnerability Exposure (CVE) ID: CVE-2017-2837 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0339 Common Vulnerability Exposure (CVE) ID: CVE-2017-2838 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0340 Common Vulnerability Exposure (CVE) ID: CVE-2017-2839 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0341
Copyright	Copyright (C) 2020 Greenbone Networks GmbH