CVE-2011-1595
EPSS 0.33%
Description
Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname.
How to fix CVE-2011-1595
To remediate CVE-2011-1595, upgrade the affected package to a fixed version below.
- Debian/rdesktop—upgrade to 1.7.0-1 or later
Is CVE-2011-1595 being exploited?
Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.7.0-1