The Centek CT-6123 convector will help create a particularly cozy atmosphere and an optimal microclimate in the home. It is designed to heat rooms of up to 20 square meters. With a power of 2000 W, the appliance is well up to the task. The heating power can be adjusted by choosing one of three modes. An LED indicator lets you monitor the modes. The Centek CT-6123 is also convenient in that, […]
https://security-tracker.debian.org/tracker/DSA-6123-1
xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked. Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-bounds read within a potentially privileged process. On non-Debian platforms, xrdp tends to run as root. Potentially an out-of-bounds write can follow the out-of-bounds read. There is no denial-of-service impact, providing xrdp is…
The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on port 3350. This will allow them to capture any user credentials that are submitted to XRDP and approve or reject arbitrary login credentials. For xorgxrdp sessions in particular, this allows an unauthorized user to hijack an…