Netkit · Netkit · CVE-2019-7282
**Name of the Vulnerable Software and Affected Versions**
NetKit versions through 0.17
**Description**
The issue is related to insufficient access restrictions in the rcp.c component of the NetKit-rsh program. It allows a remote attacker to impact data integrity by using an empty filename or a filename of '.'. This can lead to modifying the permissions of the target directory on the client side.
**Recommendations**
For NetKit versions through 0.17, as a temporary workaround, consider restricting the use of the rcp client until a patch is available. Avoid using filenames that could be exploited, such as '.' or empty filenames, in the rcp client.