{"id":"CVE-2013-1430","details":"An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.","modified":"2026-04-10T03:43:17.323569Z","published":"2016-12-16T09:59:00Z","related":["SUSE-SU-2019:1847-1","SUSE-SU-2019:1860-1","openSUSE-SU-2024:11526-1"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2013-1430"},{"type":"FIX","url":"https://github.com/neutrinolabs/xrdp/pull/497"},{"type":"REPORT","url":"https://github.com/neutrinolabs/xrdp/pull/497"},{"type":"REPORT","url":"https://security-tracker.debian.org/tracker/CVE-2013-1430"},{"type":"WEB","url":"http://www.securityfocus.com/bid/94958"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}