{"id":"MGASA-2017-0475","summary":"Updated freerdp packages fix security vulnerabilities","details":"An exploitable code execution vulnerability exists in the authentication\nfunctionality of FreeRDP 2.0.0-beta1+android11. A specially crafted\nserver response can cause an out-of-bounds write resulting in an\nexploitable condition. An attacker can compromise the server or use a\nman in the middle attack to trigger this vulnerability (CVE-2017-2834).\n\nAn exploitable code execution vulnerability exists in the RDP receive\nfunctionality of FreeRDP 2.0.0-beta1+android11. A specially crafted\nserver response can cause an out-of-bounds write resulting in an\nexploitable condition. An attacker can compromise the server or use a\nman in the middle to trigger this vulnerability (CVE-2017-2835).\n\nAn exploitable denial of service vulnerability exists within the reading\nof proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A\nspecially crafted challenge packet can cause the program termination\nleading to a denial of service condition. An attacker can compromise the\nserver or use man in the middle to trigger this vulnerability\n(CVE-2017-2836).\n\nAn exploitable denial of service vulnerability exists within the\nhandling of security data in FreeRDP 2.0.0-beta1+android11. A specially\ncrafted challenge packet can cause the program termination leading to a\ndenial of service condition. An attacker can compromise the server or\nuse man in the middle to trigger this vulnerability (CVE-2017-2837).\n\nAn exploitable denial of service vulnerability exists within the\nhandling of challenge packets in FreeRDP 2.0.0-beta1+android11. A\nspecially crafted challenge packet can cause the program termination\nleading to a denial of service condition. An attacker can compromise the\nserver or use man in the middle to trigger this vulnerability\n(CVE-2017-2838, CVE-2017-2839).\n","modified":"2026-02-04T04:11:21.651335Z","published":"2017-12-31T00:10:15Z","related":["CVE-2017-2834","CVE-2017-2835","CVE-2017-2836","CVE-2017-2837","CVE-2017-2838","CVE-2017-2839"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0475.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21448"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0336"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0337"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0338"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0339"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0340"},{"type":"REPORT","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0341"},{"type":"REPORT","url":"http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JNO6AUPEMWZQNGI7PEVPRUZD3OFNCQ4R/"},{"type":"REPORT","url":"https://www.debian.org/security/2017/dsa-3923"}],"affected":[{"package":{"name":"freerdp","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/freerdp?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.2-5.2.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0475.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}