JP Vossen via plug on 2 Jul 2020 18:33:08 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] Apache Guacamole CVEs (2020-9497 and 2020-9498)


From https://www.theregister.com/2020/07/02/apache_guacamole_vulns_hijackable_rdp/:

The Apache Project's popular Guacamole open-source remote desktop software contained vulns allowing remote attackers to steal login creds and hijack targeted machines, researchers have said.

Israeli infosec outfit Check Point discovered the reverse RDP flaws, an attack method that allows a compromised host to transmit malware to a clean client machine opening a remote desktop protocol (RDP) session with it.
...

Later,
JP
--  -------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug