When successfully logging in using RDP into a xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the users clear text password, DES encrypted with a known key. Upstream bug: https://github.com/neutrinolabs/xrdp/pull/497
Created xrdp tracking bugs for this issue: Affects: fedora-all [bug 1404971] Affects: epel-all [bug 1404972]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.