PT-2011-2746 · Tsclient · Tsclient

Published: 2011-02-07 · Updated: 2017-08-17 · CVE-2011-0901

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Terminal Server Client (tsclient) version 0.150, and possibly other versions

Description

The issue consists of multiple stack-based buffer overflows in the tsc_launch_remote function, located in src/support.c. User-assisted remote attackers can exploit them via a .RDP file with a long username, password, or domain argument, potentially allowing the execution of arbitrary code.

Recommendations

For version 0.150, consider disabling the tsc_launch_remote function until a patch is available to prevent exploitation. Restrict access to .RDP files with long arguments to minimize the risk of exploitation. Avoid using long username, password, or domain arguments in .RDP files until the issue is resolved.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related identifiers

CVE-2011-0901

Affected products

Tsclient