CVE-2018-1000852

NameCVE-2018-1000852
DescriptionFreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
freerdp2 (PTS)bullseye2.3.0+dfsg1-2+deb11u1fixed
bookworm2.10.0+dfsg1-1fixed
sid, trixie2.11.7+dfsg1-6fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
freerdpsource(unstable)(not affected)
freerdp2source(unstable)2.0.0~git20181120.1.e21b72c95+dfsg1-1

Notes

- freerdp <not-affected> (Vulnerable code not present)
https://github.com/FreeRDP/FreeRDP/issues/4866
https://github.com/FreeRDP/FreeRDP/pull/4871
https://github.com/FreeRDP/FreeRDP/commit/baee520e3dd9be6511c45a14c5f5e77784de1471

Search for package or bug name: Reporting problems