Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2020.2289 CVE-2020-9498: Dangling pointer in RDP static virtual channel handling 3 July 2020 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Apache Guacamole Publisher: Apache Operating System: Windows UNIX variants (UNIX, Linux, OSX) Impact/Access: Execute Arbitrary Code/Commands -- Unknown/Unspecified Resolution: Patch/Upgrade CVE Names: CVE-2020-9498 Original Bulletin: https://www.mail-archive.com/announce@apache.org/msg05964.html - --------------------------BEGIN INCLUDED TEXT-------------------- CVE-2020-9498: Dangling pointer in RDP static virtual channel handling Versions affected: Apache Guacamole 1.1.0 and earlier Description: Apache Guacamole 1.1.0 and older may mishandle pointers involved in processing data received via RDP static virtual channels. If a user connects to a malicious or compromised RDP server, a series of specially-crafted PDUs could result in memory corruption, possibly allowing arbitrary code to be executed with the privileges of the running guacd process. Mitigation: Users of versions of Apache Guacamole 1.1.0 and older that provide access to untrusted RDP servers should upgrade to 1.2.0. Credit: We would like to thank Eyal Itkin (Check Point Research) for reporting this issue. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXv6kJuNLKJtyKPYoAQh7pBAAsP3IrlwCeJvGf8LL8r0yeZgEuqxnbe9F I4HyS84m0x7qcXb0ZepFhpPWfAiMQZN6WRjYfatdcALNWsTi9rzb735h2ofylSep bO67zBakgN+wNOIG/9MVeBLfF4FN6oP0zeHGjMVY7IifMNpxxJS6wfODXqFCnAxt 6fPCId28lam2/nzBfwfsh7S+Dvu9E8fnAU1DOcKVGdCq0539ZDvtn2AmYLaGluBQ 7JjCO7FuSzM4Pg2EnmyFsooYPzxt7ADrSFh5/uSdsg3jturY3SiTzVPJ0xwuKFo5 CNfO1FUGuEfdA5jgAd+5Eozeq0yhE45b5SWn2R09uHhqZppXIcfjg/UbBWvlJZDY Bk/SNfEHRK/JPFp+A0OFPKxSJypvrynzG9Anmsf86CgTSiPLO3vjBfQH7iZZxNad +05hXL8Bd83n1ByRZBvJVH+HURNVWEcegUl0RpO+pqHVfxTHTGrs6mQ43BzeNvMV GrXkwPnggyuh9a5yyRgMKMbwUFZAw/vKL6XQFqKhc0hCPXUr2+lSQSdNrICUsQPy OQ0/WbRYeJLnVSxg6xbpv0MBRnbhiNVd2yfV/SkTqDMkydChmiv4Z7lV3IH7yQuY UV1GF3p5jKxrOXBkD5r2LGRIGLqcT/EL/Wj8sM7UhR7xyZVvo6giLHfOdVTPtu6F mmOgh90lx1I= =5t85 -----END PGP SIGNATURE-----