PT-2011-1129 · Rdesktop+1
Henrik Andersson +1
Published: 2011-05-11 · Updated: 2013-04-05
CVE-2011-1595
CVSS v2.0: 4.3 (Medium)
Vector: AV:A/AC:H/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
rdesktop versions prior to 1.7.0
Description
The issue is related to a directory traversal vulnerability in the disk_create function in disk.c when disk redirection is enabled. This allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname. The vulnerability can lead to a violation of confidentiality, integrity, and availability of protected information.
Recommendations
For versions prior to 1.7.0, update to version 1.7.0 or later to resolve the issue. As a temporary workaround, consider disabling disk redirection to minimize the risk of exploitation. Restrict access to the disk_create function in disk.c until a patch is available. Avoid using the disk_create function when disk redirection is enabled until the issue is resolved.
Exploit
Fix
Path traversal
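The kind of check the description implies a client needs before it opens a server-supplied path, shown as an added example (not rdesktop's own code). The function names, the sample paths and the share directory are hypothetical, and the code assumes the server sends Windows-style paths with backslash separators.

```c
#include <stdio.h>
#include <string.h>

/* Return 1 if no component of a server-supplied path is "..", else 0.
   Both '\\' (as assumed for RDP) and '/' are treated as separators. */
static int path_is_contained(const char *p)
{
    while (*p) {
        size_t n = strcspn(p, "\\/");        /* length of this component */
        if (n == 2 && p[0] == '.' && p[1] == '.')
            return 0;
        p += n;
        if (*p)                               /* skip one separator */
            p++;
    }
    return 1;
}

/* Join the redirected directory (base) and the server path into out.
   Returns 0 on success, -1 if the path is rejected or out is too small. */
static int build_local_path(const char *base, const char *server_path,
                            char *out, size_t outlen)
{
    if (!path_is_contained(server_path))
        return -1;
    int n = snprintf(out, outlen, "%s/%s", base,
                     server_path + strspn(server_path, "\\/"));
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    for (char *c = out + strlen(base); *c; c++)  /* '\\' -> '/' after base */
        if (*c == '\\')
            *c = '/';
    return 0;
}

int main(void)
{
    /* Constructed sample paths, not taken from a real session. */
    const char *samples[] = { "\\docs\\report.txt", "\\..\\..\\etc\\passwd",
                              "\\docs\\..", "\\notes..txt", "..\\x" };
    char buf[256];
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        int rc = build_local_path("/home/user/share", samples[i], buf, sizeof buf);
        printf("%-24s -> %s\n", samples[i], rc == 0 ? buf : "REJECTED");
    }
    return 0;
}
```

The check is purely lexical, so it does not cover symbolic links that already exist inside the shared directory.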
Affected Products
Red Hat
Rdesktop