1
PublicDateAtUSN: 2017-07-27
2
Candidate: CVE-2017-2839
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2839
6
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0341
7
http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
8
https://usn.ubuntu.com/usn/usn-3380-1
10
An exploitable denial of service vulnerability exists within the handling
11
of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted
12
challenge packet can cause the program termination leading to a denial of
13
service condition. An attacker can compromise the server or use man in the
14
middle to trigger this vulnerability.
18
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869880
20
Discovered-by: Tyler Bohan
24
upstream: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
25
upstream_freerdp: needed
26
precise/esm_freerdp: DNE
27
trusty_freerdp: released (1.0.2-2ubuntu1.1)
28
vivid/ubuntu-core_freerdp: DNE
29
xenial_freerdp: released (1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.2)
30
zesty_freerdp: released (1.1.0~git20140921.1.440916e+dfsg1-10ubuntu1.1)
31
devel_freerdp: released (1.1.0~git20140921.1.440916e+dfsg1-10ubuntu2)