Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 364191 (CVE-2011-1595)

Summary: <net-misc/rdesktop-1.7.0: Directory traversal vulnerability with malicious server (CVE-2011-1595)
Product: Gentoo Security Reporter: Tim Sammut (RETIRED) <underling>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: alexanderyt, voyageur
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://sourceforge.net/mailarchive/message.php?msg_id=27376554
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Tim Sammut (RETIRED) gentoo-dev 2011-04-20 02:22:37 UTC 
From $URL:

I'm happy to announce a new release of rdesktop, version 1.7.0. This fixes 
some important bugs and is therefore recommended for all users.

Key changes:

   * Security: Directory traversal vulnerability with disk redirection (disallow /.. requests)

<-- snip -->

The upstream fix looks to be at: http://rdesktop.svn.sourceforge.net/viewvc/rdesktop?view=revision&revision=1626
Comment 1 Bernard Cafarelli gentoo-dev 2011-04-20 11:48:01 UTC 
rdesktop-1.7.0 is in tree now and seems to be working fine so far (this is mostly a bugfix release anyway). It looks like the RH bug is not publicly accessible, but stabling this new version looks like a good idea

Current stable KEYWORDS: alpha amd64 hppa ia64 ppc ppc64 sparc x86
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2011-04-20 16:06:41 UTC 
(In reply to comment #1)
> rdesktop-1.7.0 is in tree now and seems to be working fine so far (this is
> mostly a bugfix release anyway). It looks like the RH bug is not publicly
> accessible, but stabling this new version looks like a good idea
> 

Great, thank you.

Arches, please test and mark stable:
=net-misc/rdesktop-1.7.0
Target keywords : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"
Comment 3 Yury German Gentoo Infrastructure gentoo-dev 2011-04-21 07:18:09 UTC 
CVE-2011-1595 Has been assigned
Comment 4 Agostino Sarubbo gentoo-dev 2011-04-21 14:33:16 UTC 
amd64 ok
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2011-04-22 02:48:51 UTC 
Stable for HPPA.
Comment 6 Christian Faulhammer (RETIRED) gentoo-dev 2011-04-23 21:13:21 UTC 
x86 already stable for two days...done by tomka.
Comment 7 Joe Jezak (RETIRED) gentoo-dev 2011-04-24 02:57:10 UTC 
Marked ppc stable.
Comment 8 Markos Chandras (RETIRED) gentoo-dev 2011-04-25 09:48:10 UTC 
amd64 done. Thanks Agostino
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2011-04-25 14:13:40 UTC 
alpha/ia64/sparc stable
Comment 10 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-04-26 12:16:59 UTC 
ppc64 stable, last arch done
Comment 11 Bernard Cafarelli gentoo-dev 2011-04-26 12:46:23 UTC 
Vulnerable version removed from tree
Comment 12 Tim Sammut (RETIRED) gentoo-dev 2011-04-26 13:53:37 UTC 
Thanks, folks. GLSA request filed.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2011-06-14 09:05:29 UTC 
CVE-2011-1595 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1595):
  Directory traversal vulnerability in the disk_create function in disk.c in
  rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP
  servers to read or overwrite arbitrary files via a .. (dot dot) in a
  pathname.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2012-10-18 20:59:12 UTC 
This issue was resolved and addressed in
 GLSA 201210-03 at http://security.gentoo.org/glsa/glsa-201210-03.xml
by GLSA coordinator Stefan Behte (craig).