{"id":"MGASA-2017-0243","summary":"Updated freerdp packages fix security vulnerabilities","details":"An exploitable code execution vulnerability exists in the authentication\nfunctionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server\nresponse can cause an out-of-bounds write resulting in an exploitable\ncondition. An attacker can compromise the server or use a man in the middle\nattack to trigger this vulnerability (CVE-2017-2834).\n\nAn exploitable code execution vulnerability exists in the RDP receive\nfunctionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server\nresponse can cause an out-of-bounds write resulting in an exploitable\ncondition. An attacker can compromise the server or use a man in the middle to\ntrigger this vulnerability (CVE-2017-2835).\n\nAn exploitable denial of service vulnerability exists within the reading of\nproprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially\ncrafted challenge packet can cause the program termination leading to a denial\nof service condition. An attacker can compromise the server or use man in the\nmiddle to trigger this vulnerability (CVE-2017-2836).\n\nAn exploitable denial of service vulnerability exists within the handling of\nsecurity data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge\npacket can cause the program termination leading to a denial of service\ncondition. An attacker can compromise the server or use man in the middle to\ntrigger this vulnerability (CVE-2017-2837).\n\nAn exploitable denial of service vulnerability exists within the handling of\nchallenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted\nchallenge packet can cause the program termination leading to a denial of\nservice condition. An attacker can compromise the server or use man in the\nmiddle to trigger this vulnerability (CVE-2017-2838, CVE-2017-2839).\n","modified":"2026-02-04T03:55:44.877654Z","published":"2017-08-03T19:05:47Z","related":["CVE-2017-2834","CVE-2017-2835","CVE-2017-2836","CVE-2017-2837","CVE-2017-2838","CVE-2017-2839"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0243.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21427"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0336"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0337"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0338"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0339"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0340"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0341"},{"type":"REPORT","url":"http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JNO6AUPEMWZQNGI7PEVPRUZD3OFNCQ4R/"}],"affected":[{"package":{"name":"freerdp","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/freerdp?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0-0.rc0.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0243.json"}},{"package":{"name":"remmina","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/remmina?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.0-0.rcgit.19.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0243.json"}},{"package":{"name":"vinagre","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/vinagre?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.22.0-3.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0243.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}