Mageia 2019-0012 Critical: FreeRDP Denial Of Service Issues

mageia

January 5, 2019

Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings

Summary

Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8784, CVE-2018-8785).
Eyal Itkin discovered FreeRDP incorrectly handled bitmaps. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8786, CVE-2018-8787).
Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8788).
Eyal Itkin discovered FreeRDP incorrectly handled NTLM authentication. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8789).

References

- https://bugs.mageia.org/show_bug.cgi?id=24074

- https://ubuntu.com/security/notices/USN-3845-1

- https://www.cve.org/CVERecord?id=CVE-2018-8784

- https://www.cve.org/CVERecord?id=CVE-2018-8785

- https://www.cve.org/CVERecord?id=CVE-2018-8786

- https://www.cve.org/CVERecord?id=CVE-2018-8787

- https://www.cve.org/CVERecord?id=CVE-2018-8788

- https://www.cve.org/CVERecord?id=CVE-2018-8789

Topics Covered

security advisory denial of service code execution Mageia FreeRDP stream encoding

Resolution

SRPMS

- 6/core/freerdp-2.0.0-0.rc4.1.mga6

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 05 Jan 2019

URL: https://advisories.mageia.org/MGASA-2019-0012.html

Type: security

CVE: CVE-2018-8784, CVE-2018-8785, CVE-2018-8786, CVE-2018-8787, CVE-2018-8788, CVE-2018-8789

Topics Covered

security advisory denial of service code execution Mageia FreeRDP stream encoding

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Mageia 2019-0012 Critical: FreeRDP Denial Of Service Issues

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Mageia 2019-0012 Critical: FreeRDP Denial Of Service Issues

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!