Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian LTS: Security Advisory for freerdp (DLA-2356-1)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update for the 'freerdp' package(s) announced via the DLA-2356-1 advisory.
Insight
Insight
Several vulnerabilities have been reported against FreeRDP, an Open Source server and client implementation of the Microsoft RDP protocol. CVE-2014-0791 An integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP allowed remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet. CVE-2020-11042 In FreeRDP there was an out-of-bounds read in update_read_icon_info. It allowed reading an attacker-defined amount of client memory (32bit unsigned -> 4GB) to an intermediate buffer. This could have been used to crash the client or store information for later retrieval. CVE-2020-11045 In FreeRDP there was an out-of-bound read in in update_read_bitmap_data that allowed client memory to be read to an image buffer. The result displayed on screen as colour. CVE-2020-11046 In FreeRDP there was a stream out-of-bounds seek in update_read_synchronize that could have lead to a later out-of-bounds read. CVE-2020-11048 In FreeRDP there was an out-of-bounds read. It only allowed to abort a session. No data extraction was possible. CVE-2020-11058 In FreeRDP, a stream out-of-bounds seek in rdp_read_font_capability_set could have lead to a later out-of-bounds read. As a result, a manipulated client or server might have forced a disconnect due to an invalid data read. CVE-2020-11521 libfreerdp/codec/planar.c in FreeRDP had an Out-of-bounds Write. CVE-2020-11522 libfreerdp/gdi/gdi.c in FreeRDP had an Out-of-bounds Read. CVE-2020-11523 libfreerdp/gdi/region.c in FreeRDP had an Integer Overflow. CVE-2020-11525 libfreerdp/cache/bitmap.c in FreeRDP had an Out of bounds read. CVE-2020-11526 libfreerdp/core/update.c in FreeRDP had an Out-of-bounds Read. CVE-2020-13396 An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. CVE-2020-13397 An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value. CVE-2020-13398 An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
Affected Software
Affected Software
'freerdp' package(s) on Debian Linux.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
For Debian 9 stretch, these problems have been fixed in version 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u4. We recommend that you upgrade your freerdp packages.