Rich Freeman via plug on 3 Jul 2020 04:14:26 -0700
Re: [PLUG] Apache Guacamole CVEs (2020-9497 and 2020-9498)
On Thu, Jul 2, 2020 at 9:32 PM JP Vossen via plug <plug@lists.phillylinux.org> wrote:
>
> Israeli infosec outfit Check Point discovered the reverse RDP flaws, an
> attack method that allows a compromised host to transmit malware to a
> clean client machine opening a remote desktop protocol (RDP) session
> with it.
> ...

Hadn't heard of Reverse RDP but what I got out of about 30 seconds of Googling made my jaw drop. This seems like it has been a bit of a treasure trove of Windows vulnerabilities - it sounds like Guacamole uses RDP internally so it would have the same issues. I'd think any Linux RDP client would need to be looked at if this wasn't already done.

Reminds me of the golden era when MS Office had zero concern for exploits in VBA/etc so opening a random Word doc was basically like running an exe file.

Stuff like Citrix/RDP/etc often has ways to do things like map client printers/drives/etc to the server to make applications operate more seamlessly, but these sorts of things are obviously a way for a compromised server to get back into the host. Things like ssh agents need to be protected against similar attacks on Linux, and X11 security extensions with ssh have been a thing for a long time for the same reason. Once your terminal is more than just a terminal you have to be concerned with what the remote host is sending you...

--
Rich
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
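
The point above about ssh agents and X11 forwarding can be checked on the client side. The following is an added example, not part of the original message: a small Python auditor that flags OpenSSH client options which give the remote host a channel back to the client. The sample config and its host names are constructed, and the scope handling is simplified (it reports the Host/Match block a setting appears in and does not evaluate pattern matching or first-match-wins ordering).

```python
import re

# OpenSSH client options that give the remote host a channel back to the client.
RISKY = {
    "forwardagent": "remote host can ask the local ssh-agent to sign with your keys",
    "forwardx11": "remote host can connect to the local X11 display",
    "forwardx11trusted": "forwarded X11 clients are exempt from SECURITY extension limits",
}
LINE = re.compile(r"^(\w+)(?:\s*=\s*|\s+)(.*)$")  # "Keyword value" or "Keyword=value"

def audit_ssh_config(text):
    """Return (scope, option, value, reason) for every risky setting that is not 'no'."""
    findings = []
    scope = "*"  # options before the first Host/Match line apply to all hosts
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE.match(line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip().strip('"')
        if key in ("host", "match"):
            scope = value if key == "host" else "Match " + value
        elif key in RISKY and value.lower() != "no":
            # ForwardAgent also accepts a socket path or $VAR; anything but "no" enables it
            findings.append((scope, key, value, RISKY[key]))
    return findings

# Constructed sample config; host names are made up for illustration.
SAMPLE = """\
# global defaults
ForwardX11 no

Host bastion
    ForwardAgent yes
    ForwardX11Trusted=yes

Host *.lab.example
    forwardagent no
    ForwardX11 yes
"""

if __name__ == "__main__":
    for scope, key, value, reason in audit_ssh_config(SAMPLE):
        print(f"Host {scope}: {key} {value} -> {reason}")
```
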