4.3 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:H/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.5%
rdesktop is a Remote Desktop Protocol (RDP) Client.
A vulnerability has been discovered in rdesktop. Please review the CVE identifier referenced below for details.
Remote RDP servers may be able to read or overwrite arbitrary files via a … (dot dot) in a pathname.
There is no known workaround at this time.
All rdesktop users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/rdesktop-1.7.0"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | net-misc/rdesktop | < 1.7.0 | UNKNOWN |