back to article Holy Guacamole! Researchers find Apache remote desktop software was silently pwnable for snooping on sessions

The Apache Project's popular Guacamole open-source remote desktop software contained vulns allowing remote attackers to steal login creds and hijack targeted machines, researchers have said. Israeli infosec outfit Check Point discovered the reverse RDP flaws, an attack method that allows a compromised host to transmit malware …

  1. HildyJ Silver badge
    Devil

    So you're saying

    Avocado is toast?

    1. Warm Braw Silver badge

      Re: So you're saying

      Pitted against the bug, the Apache Foundation seem to have smashed it.

      1. Robert Grant Silver badge

        Re: So you're saying

        But for attackers who exploited it, think of all that green!

    2. Trigonoceps occipitalis

      Re: So you're saying

      Isn't Avocado the basis of that Guacamole you get in fish 'n' chip shops?

  2. Smartypantz

    Smell of fear

    Ooehh. i Love the smell of fear in the morning!

    Vendors of remote support, remote desktop "und so weiter" (looking directly at teamviewer and their "upgrade now or else" scheme) must be trembling..

    Open source desktop sharing with no hassles? I can't wait! And i won't! Now that i know of Apache Guacamole! HAR-HAR! /Nelson

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020