fedora 25
access weakness #17

4

Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.

Warning code(s):

If this call fails, the program could fail to drop heightened privileges.

File Name:

FreeRDP-3b8352690e5ff1ab34357a2df2b6e22423bcea38/winpr/include/winpr/rpc.h

Context:

The highlighted line of code below is the trigger point of this particular Fedora 25 access weakness.

 WINPR_API RPC_STATUS RpcMgmtIsServerListening(RPC_BINDING_HANDLE Binding);
WINPR_API RPC_STATUS RpcMgmtStopServerListening(RPC_BINDING_HANDLE Binding);
WINPR_API RPC_STATUS RpcMgmtWaitServerListen(void);
WINPR_API RPC_STATUS RpcMgmtSetServerStackSize(unsigned long ThreadStackSize);
WINPR_API void RpcSsDontSerializeContext(void);
WINPR_API RPC_STATUS RpcMgmtEnableIdleCleanup(void);
WINPR_API RPC_STATUS RpcMgmtInqIfIds(RPC_BINDING_HANDLE Binding,
                                     RPC_IF_ID_VECTOR** IfIdVector);
WINPR_API RPC_STATUS RpcIfIdVectorFree(RPC_IF_ID_VECTOR** IfIdVector);
WINPR_API RPC_STATUS RpcMgmtInqServerPrincNameA(RPC_BINDING_HANDLE Binding,
        unsigned long AuthnSvc, RPC_CSTR* ServerPrincName);
WINPR_API RPC_STATUS RpcMgmtInqServerPrincNameW(RPC_BINDING_HANDLE Binding,
        unsigned long AuthnSvc, RPC_WSTR* ServerPrincName);
WINPR_API RPC_STATUS RpcServerInqDefaultPrincNameA(unsigned long AuthnSvc,
        RPC_CSTR* PrincName);
WINPR_API RPC_STATUS RpcServerInqDefaultPrincNameW(unsigned long AuthnSvc,
        RPC_WSTR* PrincName);
WINPR_API RPC_STATUS RpcEpResolveBinding(RPC_BINDING_HANDLE Binding,
        RPC_IF_HANDLE IfSpec);
WINPR_API RPC_STATUS RpcNsBindingInqEntryNameA(RPC_BINDING_HANDLE Binding,
        unsigned long EntryNameSyntax, RPC_CSTR* EntryName);
WINPR_API RPC_STATUS RpcNsBindingInqEntryNameW(RPC_BINDING_HANDLE Binding,
        unsigned long EntryNameSyntax, RPC_WSTR* EntryName);

WINPR_API RPC_STATUS RpcImpersonateClient(RPC_BINDING_HANDLE BindingHandle);
WINPR_API RPC_STATUS RpcRevertToSelfEx(RPC_BINDING_HANDLE BindingHandle);
WINPR_API RPC_STATUS RpcRevertToSelf(void);
WINPR_API RPC_STATUS RpcBindingInqAuthClientA(RPC_BINDING_HANDLE ClientBinding,
        RPC_AUTHZ_HANDLE* Privs,
        RPC_CSTR* ServerPrincName, unsigned long* AuthnLevel, unsigned long* AuthnSvc,
        unsigned long* AuthzSvc);
WINPR_API RPC_STATUS RpcBindingInqAuthClientW(RPC_BINDING_HANDLE ClientBinding,
        RPC_AUTHZ_HANDLE* Privs,
        RPC_WSTR* ServerPrincName, unsigned long* AuthnLevel, unsigned long* AuthnSvc,
        unsigned long* AuthzSvc);
WINPR_API RPC_STATUS RpcBindingInqAuthClientExA(RPC_BINDING_HANDLE
        ClientBinding, RPC_AUTHZ_HANDLE* Privs,
        RPC_CSTR* ServerPrincName, unsigned long* AuthnLevel, unsigned long* AuthnSvc,
        unsigned long* AuthzSvc, unsigned long Flags);
WINPR_API RPC_STATUS RpcBindingInqAuthClientExW(RPC_BINDING_HANDLE
        ClientBinding, RPC_AUTHZ_HANDLE* Privs,
        RPC_WSTR* ServerPrincName, unsigned long* AuthnLevel, unsigned long* AuthnSvc,
        unsigned long* AuthzSvc, unsigned long Flags);
WINPR_API RPC_STATUS RpcBindingInqAuthInfoA(RPC_BINDING_HANDLE Binding,
        RPC_CSTR* ServerPrincName, unsigned long* AuthnLevel,
        unsigned long* AuthnSvc, RPC_AUTH_IDENTITY_HANDLE* AuthIdentity,
        unsigned long* AuthzSvc);
WINPR_API RPC_STATUS RpcBindingInqAuthInfoW(RPC_BINDING_HANDLE Binding,
        RPC_WSTR* ServerPrincName, unsigned long* AuthnLevel,
        unsigned long* AuthnSvc, RPC_AUTH_IDENTITY_HANDLE* AuthIdentity, 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.