Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2011-1595

Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname.

  • Published: May 25, 2011
  • Updated: Apr 13, 2023
  • CVE: CVE-2011-1595
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:A/AC:H/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
rdesktop / rdesktop 1.4.0 1.4.0.x
rdesktop / rdesktop - 1.6.0.x
rdesktop / rdesktop 1.1.0 1.1.0.x
rdesktop / rdesktop 1.4.1 1.4.1.x
rdesktop / rdesktop 1.3.1 1.3.1.x
rdesktop / rdesktop 1.2.0 1.2.0.x
rdesktop / rdesktop 1.0.0 1.0.0.x
rdesktop / rdesktop 1.3.0 1.3.0.x
rdesktop / rdesktop 1.5.0 1.5.0.x