Directory traversal vulnerability in the disk_create function in disk.c in rdesktop prior to 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
rdesktop rdesktop 1.0.0 |
||
rdesktop rdesktop 1.1.0 |
||
rdesktop rdesktop 1.5.0 |
||
rdesktop rdesktop 1.4.0 |
||
rdesktop rdesktop |
||
rdesktop rdesktop 1.2.0 |
||
rdesktop rdesktop 1.3.0 |
||
rdesktop rdesktop 1.3.1 |
||
rdesktop rdesktop 1.4.1 |
Vulmon