Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2017-6967
Description:xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass.
Test IDs: 1.3.6.1.4.1.25623.1.0.872577   1.3.6.1.4.1.25623.1.0.872574   1.3.6.1.4.1.25623.1.0.872580   1.3.6.1.4.1.25623.1.0.872581   1.3.6.1.4.1.25623.1.0.890872  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-6967
https://bugs.launchpad.net/ubuntu/+source/xrdp/+bug/1672742
https://github.com/neutrinolabs/xrdp/issues/350
https://github.com/neutrinolabs/xrdp/pull/694




© 1998-2024 E-Soft Inc. All rights reserved.