Alerts This Week
Warning Icon 1 770
Alerts This Week
Warning Icon 1 770

Mageia: 2021-0272 Moderate: Guacd Session Token Exploit Mitigated

mageia
Calendar Grey June 23, 2021
Dist Mageia Esm H88
Recent updates to guacd packages tackle major security vulnerabilities in Apache Guacamole, offering detailed insights on the flaws and the solutions implemented
Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token

Summary

Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the same domain (CVE-2018-1340).
Apache Guacamole 1.1.0 and older do not properly validate data received from RDP servers via static virtual channels. If a user connects to a malicious or compromised RDP server, specially-crafted PDUs could result in disclosure of information within the memory of the guacd process handling the connection (CVE-2020-9497).
Apache Guacamole 1.1.0 and older may mishandle pointers involved in processing data received via RDP static virtual channels. If a user connects to a malicious or compromised RDP server, a series of specially-crafted PDUs could result in memory corruption, possibly allowing arbitrary code to be executed with the privileges of the running guacd process (CVE-2020-...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=28158

- https://bugs.mageia.org/show_bug.cgi?id=24509

- https://bugs.mageia.org/show_bug.cgi?id=27593

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/32RWZPQ7FRP73BVKOQK27XV6TX47TT3R/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WNS7UHBOFV6JHWH5XOEZTE3BREGRSSQ3/

- https://www.openwall.com/lists/oss-security/2021/01/18/1

- https://www.cve.org/CVERecord?id=CVE-2018-1340

- https://www.cve.org/CVERecord?id=CVE-2020-9497

- https://www.cve.org/CVERecord?id=CVE-2020-9498

- https://www.cve.org/CVERecord?id=CVE-2020-11997

Topics%20covered

Topics Covered

security advisory security update exploit Mageia session token RDP issue

Resolution

SRPMS

- 7/core/guacd-1.3.0-1.mga7

- 7/core/util-linux-2.33.2-1.1.mga7

- 7/core/ossp_uuid-1.6.2-21.1.mga7

Publication date: 23 Jun 2021
URL: https://advisories.mageia.org/MGASA-2021-0272.html
Type: security
CVE: CVE-2018-1340, CVE-2020-9497, CVE-2020-9498, CVE-2020-11997

Topics%20covered

Topics Covered

security advisory security update exploit Mageia session token RDP issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here