FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), published under the Apache license. Remote Desktop Protocol enables users to connect remotely to systems so they can be managed from afar. The open source nature of the FreeRDP library means that it is combined into many commercial remote desktop protocol applications.
Talos security researchers found that FreeRDP (2.0.0-beta1) on Windows, Linux and Mac OS X is affected by six security issues that can be exploited for remote code execution and denial-of-service (DoS) attacks.
According to Talos:
“We identified a number of vulnerabilities falling into 2 classes:
– 2 Code Executions.
– 4 Denials Of Service.”
The first class (code executions) enables code execution on the client side through a specifically crafted response from a RDP server. The second class (Denials Of Service) can cause the crash of the FreeRDP client. The issues resulting from defects in the handling of network packets sent from the RDP server. Actually, the size of the data required to be parsed is sent from the server without checks on the client side. An attacker can hack the server or use a man in the middle attack to trigger these vulnerabilities.
The vulnerabilities were fixed with the release of FreeRDP (2.0.0-rc0) on Monday. The developers have also issued a report pinpointing the changes made to the code.