Bug 1853390 (CVE-2020-9497) - CVE-2020-9497 guacamole-server: Improper input validation of RDP static virtual channels
Summary: CVE-2020-9497 guacamole-server: Improper input validation of RDP static virtu...
Keywords:
Status: CLOSED UPSTREAM
Alias: CVE-2020-9497
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1853391 1853392 1853393
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-07-02 14:36 UTC by Michael Kaplan
Modified: 2021-02-16 19:43 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2020-07-02 19:27:39 UTC
Embargoed:

Attachments (Terms of Use)

Description Michael Kaplan 2020-07-02 14:36:38 UTC 
Apache Guacamole 1.1.0 and older do not properly validate data
received from RDP servers via static virtual channels. If a user
connects to a malicious or compromised RDP server, specially-crafted
PDUs could result in disclosure of information within the memory of
the guacd process handling the connection.

Mitigation:
Users of versions of Apache Guacamole 1.1.0 and older that provide
access to untrusted RDP servers should upgrade to 1.2.0.
Comment 1 Michael Kaplan 2020-07-02 14:36:41 UTC 
External References:

https://lists.apache.org/thread.html/r65f75d3d65d1af68141f42071ebb27dda24af3e45570e593c1dbd81f%40%3Cannounce.guacamole.apache.org%3E
Comment 2 Michael Kaplan 2020-07-02 14:37:02 UTC 
Created guacamole-server tracking bugs for this issue:

Affects: epel-6 [bug 1853392]
Affects: epel-7 [bug 1853393]
Affects: fedora-all [bug 1853391]
Comment 3 Product Security DevOps Team 2020-07-02 19:27:39 UTC 
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.
Note You need to log in before you can comment on or make changes to this bug.