Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.1906
xrdp security update
3 April 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: xrdp
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2022-23482 CVE-2022-23481 CVE-2022-23480
Original Bulletin:
https://lists.debian.org/debian-lts-announce/2023/03/msg00031.html
Comment: CVSS (Max): 9.8 CVE-2022-23480 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-3375-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Chris Lamb
March 31, 2023 https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------
Package : xrdp
Version : 0.9.9-1+deb10u3
CVE IDs : CVE-2022-23480 CVE-2022-23481 CVE-2022-23482
Debian Bug : 1025879
It was discovered that there were a number of vulnerabilies in the
xrdp Remote Desktop Protocol (RDP) server:
* CVE-2022-23480: Prevent a series of potential buffer overflow
vulnerabilities in the devredir_proc_client_devlist_announce_req()
function.
* CVE-2022-23481: Fix an out-of-bounds read vulnerability in the
xrdp_caps_process_confirm_active() function.
* CVE-2022-23482: Fix an out-of-bounds read vulnerability in the
xrdp_sec_process_mcs_data_CS_CORE() function.
For Debian 10 buster, these problems have been fixed in version
0.9.9-1+deb10u3.
We recommend that you upgrade your xrdp packages.
For the detailed security status of xrdp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xrdp
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmQm1dsACgkQHpU+J9Qx
HljlcRAAtl6O9oCk8zzqPWgTC5H+I6/Ro+FW8UNEdLlVBa/tenj3TADFr30faeJZ
vhqUCFx0ncaZRkmnNvT8Tyhi56E/NSFF8qCag7bnq0QrOAF24Ao/0y34K/vMXbTd
P3xJnD8cbJws0TOwiKCUU5pRPxeRK+bZlvZy5TFs5VggU7p4u+obRZrsavgS0dbG
xW8MF4UFvAG1g+N34VExzY5T/t9vG/xJjnV662az+h/xSdDuCzup8RGpa1Kvh+5H
FmLZUY7J3DJTehKP2bp1kuOPEkYy2i6xB8AklqCpnh9QdR7ECo6VzH945tz4p9u4
qbEow4joMmtykvhMs+imOIf4AoOulpbi6EZnZ3fGO1zXjAH4EaSB+YCnG2VOnp1q
7LrOx0aQ1e5GA3EaEWrXaeh0zMc2c9L7xDA7D8lgHuV3RsqATp3KsOiEH6WF81rt
NugP87L4X802FudOi7Hzf23+ToMsX/ofzQl2NVHE9QI8fw85KhEWlz4OmXfAcXrR
9z5FSKb+bpL1hCYokB2tv7Ey8UAsZeE2RNUvPgpdLcZ8MOqtUXVexghSh9lPQ+js
N5lPBz2pu3OdtefIZU2bZfd5ZQLjI8gqfS9Y1TOXLrirh6kYgn0SjGiteQFKuod4
ym04jEuzJpicFqH03vgIYVN6EI2+/yUKdNKnZKQqSiIvDNIvu/8=
=uBP0
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBZCon8MkNZI30y1K9AQhEFA//S9Y8aQrlMZYnls7ywW8oaGgg5YlUlUGl
epN5Rp8kp70BnYEtVsS/vs+jBqKZV/trCBaU7Po0dbEXKkejeNi60w/mCBRrYIEs
I5MArdkiJs1QsIcLFmaR7rrzvS8Tqr5fVfemG5yITOAOzzw13NlrKoa2bYs8gPE7
9L7Pun02bkCVkUdiEaIJ1LYTHyP0UR3oABoIPYpOt8zbi+tApRQVUMsYcbqn4mUk
6bmiwcWEGB9yAI6+03yr0vGkne++Q8LB1s9jiiZL4BxHsf3n7/ceBrGGZJTTpgwP
p7J5tHyxQqoq14q8rTgBg9EyAUOebEdwTZMzrjB690Uv7xqajhKCnmKtI0WJ4txW
QhklJdovtxwiypuHG7DBgHlsAgW3qgUIDKZV6EzLXy0JPgu1ck2RIqoe5wQMzu2T
woqPxWPKF3e0RpTZADRxfl8qUx6khmhTp5GiY76b5B3bqpkcCuFkbwbrX7d826SA
lXgnbirVmF0a6fvltbEPz4b9wa+1Asnok6OfWOmn70mYmmmQTtGwIywvj8QmojdM
nKXXmC3cCmu7T5e5Qj0m813vyWuqmXfmxltrl9RHzCgN+WdJXlab2EWZxUGEuRBS
8P2qKCvWKfArzJWQeZLAP9n75hgNTXUdNAV3pW4CX7T4o0I70SahICr4BiHNcuW6
HUYxGAEN3y4=
=Jcvw
-----END PGP SIGNATURE-----