CVE-2013-1430
published 2016-12-16


Priority: P344 | Severity: critical 9.8 (CVSS 3.0)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 1.33% (67.4th percentile)
An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.

Affected

8 ranges
Vendor | Product | Version range | Fixed in
debian | debian_linux | |
debian | debian_linux | |
debian | xrdp | < xrdp 0.9.1~2016121126+git5171fa7-1 (bookworm) | xrdp 0.9.1~2016121126+git5171fa7-1 (bookworm)
neutrinolabs | xrdp | <= 0.8.0 |
neutrinolabs | xrdp | >= 0, < 0.9.1~2016121126+git5171fa7-1 | 0.9.1~2016121126+git5171fa7-1
neutrinolabs | xrdp | >= 0, < 0.9.1~2016121126+git5171fa7-1 | 0.9.1~2016121126+git5171fa7-1
neutrinolabs | xrdp | >= 0, < 0.9.1~2016121126+git5171fa7-1 | 0.9.1~2016121126+git5171fa7-1
neutrinolabs | xrdp | >= 0, < 0.9.1~2016121126+git5171fa7-1 | 0.9.1~2016121126+git5171fa7-1

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N
osv | | 9.8 | CRITICAL |
vendor_redhat | | 10.0 | CRITICAL |
vendor_debian | | 9.8 | CRITICAL |