CVE-2013-1430
Publication date 16 December 2016
Last updated 24 July 2024
Ubuntu priority
An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.
From the Ubuntu Security Team
It was discovered that xrdp used a known key to store session passwords in text files. An attacker could potentially decrypt the file to obtain a user password.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| xrdp | ||
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Fixed 0.6.1-2ubuntu0.1
|
|
| 14.04 LTS trusty |
Fixed 0.6.0-1ubuntu0.1
|
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
9.8 · Critical
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |