freerdp-2.0.0-1.rc4.el7, vinagre-3.22.0-12.el7
エラータID: AXSA:2019-4179:01
リリース日:
2019/08/20 Tuesday - 09:03
題名:
freerdp-2.0.0-1.rc4.el7, vinagre-3.22.0-12.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Low
Description:
以下項目について対処しました。
[Security Fix]
- FreeRDP の channels/drdynvc/client/drdynvc_main.c,
drdynvc_process_capability_request には問題があり、RDP クライアント
が echo オプションを用いて rdp サーバに接続しなくてはならないため、
RDP サーバがクライアントのメモリを読み込める脆弱性があります。
(CVE-2018-1000852)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2018-1000852
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.
追加情報:
N/A
ダウンロード:
SRPMS
- freerdp-2.0.0-1.rc4.el7.src.rpm
MD5: 7fc57139409e4c6075a7c54f656e884d
SHA-256: b655c999dd2b1e429a202318c6af0434457fdfa2b74af8cf87b328cc92a523bb
Size: 6.32 MB - vinagre-3.22.0-12.el7.src.rpm
MD5: 1bf4a1d3af8bba4eb755499e462a9fea
SHA-256: 9749c4133a3337a4dc753247c3bc22b2affb6b4748dcf103bc569f66549dbe3b
Size: 1.53 MB
Asianux Server 7 for x86_64
- freerdp-2.0.0-1.rc4.el7.x86_64.rpm
MD5: 474e035402c917f5e3ed57d6d654086a
SHA-256: 1990e479578828909b713d68916dc983878a6c8eb94e5c2f27cba0017482c59c
Size: 96.61 kB - freerdp-libs-2.0.0-1.rc4.el7.x86_64.rpm
MD5: 670f8cda6ecef7895cd4e16639c9f940
SHA-256: 860f6249e9333dd7738410f78c5b8947c01afa82aefd4a1fe89e33f03a563e21
Size: 778.57 kB - libwinpr-2.0.0-1.rc4.el7.x86_64.rpm
MD5: 28f70bf7013d9d2bab2e7ad4bbce66c0
SHA-256: 3ad73cea40ec4177e7d1ed675652e78e551758d714019cc9246c41561c9d066e
Size: 320.96 kB - libwinpr-devel-2.0.0-1.rc4.el7.x86_64.rpm
MD5: f5f0c81a183430892c9a9dd968517aa1
SHA-256: 424ab749b1a1a450f59e0b68e6df56427a84b4a3831e63970508c5d9e50cb567
Size: 166.36 kB - freerdp-libs-2.0.0-1.rc4.el7.i686.rpm
MD5: ed796a0c878576dff7709652d607bf0e
SHA-256: 0a62fb9450c7775b3240b13219612c809db396499b22fd8d1b3e639a8b1c8607
Size: 734.34 kB - libwinpr-2.0.0-1.rc4.el7.i686.rpm
MD5: f44d1256ecbce6022403726e0c6a1a82
SHA-256: 91a5ec3c4aaa88d37afeb33de174f82c687662339b2b50246b1ce70a7bd61eed
Size: 311.27 kB - libwinpr-devel-2.0.0-1.rc4.el7.i686.rpm
MD5: 5614eb59e8d280d8f3b7f8eea5aac5f9
SHA-256: d6bfd6759ec3e8ff15cdaaa340c31d921201f156e5e1e8374d513cc6fd4d1573
Size: 166.38 kB - vinagre-3.22.0-12.el7.x86_64.rpm
MD5: acb6cb315043402eb5755657d6bd9b01
SHA-256: e668e197a5d7de48652065492a8a9a4d04c117036c70cde507af656934b101c5
Size: 1.41 MB - vinagre-3.22.0-12.el7.i686.rpm
MD5: 33f4d4a0f53455755bf9b642c50cfe8c
SHA-256: 946f72cf86e155ed2520387c8e0ccb8a487cda4c1a064bd197d54c729ebf7781
Size: 1.41 MB
English