Lucene search

MitreCVE-2011-0901

HistoryFeb 07, 2011 - 9:00 p.m.

CVE-2011-0901

2011-02-0721:00:16

CWE-119

mitre

web.nvd.nist.gov

cve-2011-0901

stack-based buffer overflows

tsclient

remote code execution

nvd

security vulnerability

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.074

Percentile

94.1%

JSON

Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long (1) username, (2) password, or (3) domain argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

erick_woodsterminal_server_clientMatch0.150

VendorProductVersionCPE
erick_woodsterminal_server_client0.150cpe:2.3:a:erick_woods:terminal_server_client:0.150:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
erick_woods	terminal_server_client	0.150	cpe:2.3:a:erick_woods:terminal_server_client:0.150:::::::*

References

osvdb.org/70749

secunia.com/advisories/43120

exchange.xforce.ibmcloud.com/vulnerabilities/65101

exchange.xforce.ibmcloud.com/vulnerabilities/65102

exchange.xforce.ibmcloud.com/vulnerabilities/65103

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.074

Percentile

94.1%

JSON

Related for CVE-2011-0901