Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 364191 (CVE-2011-1595) - <net-misc/rdesktop-1.7.0: Directory traversal vulnerability with malicious server (CVE-2011-1595)
Summary: <net-misc/rdesktop-1.7.0: Directory traversal vulnerability with malicious se...
Status: RESOLVED FIXED
Alias: CVE-2011-1595
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://sourceforge.net/mailarchive/me...
Whiteboard: B2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-04-20 02:22 UTC by Tim Sammut (RETIRED)
Modified: 2012-10-18 20:59 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Sammut (RETIRED) gentoo-dev 2011-04-20 02:22:37 UTC
From $URL:

I'm happy to announce a new release of rdesktop, version 1.7.0. This fixes 
some important bugs and is therefore recommended for all users.

Key changes:

   * Security: Directory traversal vulnerability with disk redirection (disallow /.. requests)

<-- snip -->

The upstream fix looks to be at: http://rdesktop.svn.sourceforge.net/viewvc/rdesktop?view=revision&revision=1626
Comment 1 Bernard Cafarelli gentoo-dev 2011-04-20 11:48:01 UTC
rdesktop-1.7.0 is in tree now and seems to be working fine so far (this is mostly a bugfix release anyway). It looks like the RH bug is not publicly accessible, but stabling this new version looks like a good idea

Current stable KEYWORDS: alpha amd64 hppa ia64 ppc ppc64 sparc x86
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2011-04-20 16:06:41 UTC
(In reply to comment #1)
> rdesktop-1.7.0 is in tree now and seems to be working fine so far (this is
> mostly a bugfix release anyway). It looks like the RH bug is not publicly
> accessible, but stabling this new version looks like a good idea
> 

Great, thank you.

Arches, please test and mark stable:
=net-misc/rdesktop-1.7.0
Target keywords : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"
Comment 3 Yury German Gentoo Infrastructure gentoo-dev Security 2011-04-21 07:18:09 UTC
CVE-2011-1595 Has been assigned
Comment 4 Agostino Sarubbo gentoo-dev 2011-04-21 14:33:16 UTC
amd64 ok
Comment 5 Jeroen Roovers gentoo-dev 2011-04-22 02:48:51 UTC
Stable for HPPA.
Comment 6 Christian Faulhammer (RETIRED) gentoo-dev 2011-04-23 21:13:21 UTC
x86 already stable for two days...done by tomka.
Comment 7 Joe Jezak (RETIRED) gentoo-dev 2011-04-24 02:57:10 UTC
Marked ppc stable.
Comment 8 Markos Chandras (RETIRED) gentoo-dev 2011-04-25 09:48:10 UTC
amd64 done. Thanks Agostino
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2011-04-25 14:13:40 UTC
alpha/ia64/sparc stable
Comment 10 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-04-26 12:16:59 UTC
ppc64 stable, last arch done
Comment 11 Bernard Cafarelli gentoo-dev 2011-04-26 12:46:23 UTC
Vulnerable version removed from tree
Comment 12 Tim Sammut (RETIRED) gentoo-dev 2011-04-26 13:53:37 UTC
Thanks, folks. GLSA request filed.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2011-06-14 09:05:29 UTC
CVE-2011-1595 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1595):
  Directory traversal vulnerability in the disk_create function in disk.c in
  rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP
  servers to read or overwrite arbitrary files via a .. (dot dot) in a
  pathname.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2012-10-18 20:59:12 UTC
This issue was resolved and addressed in
 GLSA 201210-03 at http://security.gentoo.org/glsa/glsa-201210-03.xml
by GLSA coordinator Stefan Behte (craig).