CVE-2024-39917

xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configuration parameter MaxLoginRetry in /etc/xrdp/sesman.ini. However, this mechanism was not effectively working. As a result, xrdp allows an infinite number of login attempts.

Weakness

The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks.

Affected Software

Potential Mitigations

• Common protection mechanisms include:

• Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.

• Consider using libraries with authentication capabilities such as OpenSSL or the ESAPI Authenticator. [REF-45]

Related Attack Patterns

• https://cwe.mitre.org/data/definitions/16.html
• https://cwe.mitre.org/data/definitions/49.html
• https://cwe.mitre.org/data/definitions/560.html
• https://cwe.mitre.org/data/definitions/565.html
• https://cwe.mitre.org/data/definitions/600.html
• https://cwe.mitre.org/data/definitions/652.html
• https://cwe.mitre.org/data/definitions/653.html

References

• https://github.com/neutrinolabs/xrdp/commit/19c111c74c913ecc6e4ba9a738ed929a79d2ae8f
• https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-7w22-h4w7-8j5j
• https://github.com/neutrinolabs/xrdp/commit/19c111c74c913ecc6e4ba9a738ed929a79d2ae8f
• https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-7w22-h4w7-8j5j