製品・ソフトウェアに関する情報

JVN脆弱性詳細

rdesktop の disk_create 関数におけるディレクトリトラバーサルの脆弱性

Title	rdesktop の disk_create 関数におけるディレクトリトラバーサルの脆弱性
Summary	rdesktop の disk.c 内にある disk_create 関数には、ディスクのリダイレクション処理が有効の際、ディレクトリトラバーサルの脆弱性が存在します。
Possible impacts	リモートの RDP サーバより、パス名内の .. (dot dot) を介して、任意のファイルを読まれる、または上書きされる可能性があります。
Solution	ベンダ情報及び参考情報を参照して適切な対策を実施してください。
Publication Date	May 8, 2010, midnight
Registration Date	June 3, 2011, 9:50 a.m.
Last Update	June 3, 2011, 9:50 a.m.

CVSS2.0 : 警告
Score	4.3
Vector	AV:A/AC:H/Au:N/C:P/I:P/A:P

Affected System

レッドハット

Red Hat Enterprise Linux 5 (server)

Red Hat Enterprise Linux Desktop 5.0 (client)

Red Hat Enterprise Linux Desktop 6

Red Hat Enterprise Linux EUS 5.6.z (server)

Red Hat Enterprise Linux Long Life (v. 5.6 server)

Red Hat Enterprise Linux Server 6

Red Hat Enterprise Linux Server EUS 6.0.z

Red Hat Enterprise Linux Workstation 6

サイバートラスト株式会社

Asianux Server 3 (x86)

Asianux Server 3 (x86-64)

Rdesktop

Rdesktop 1.7.0 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2011-1595	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1595
National Vulnerability Database (NVD)
2	CVE-2011-1595	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1595

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-22	https://jvndb.jvn.jp/ja/cwe/CWE-22.html

ベンダー情報

No	Name	URL
Asianux Technical Support Network
1	rdesktop-1.6.0-3.2.0.1.AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1422
Red Hat Security Advisory
2	RHSA-2011:0506	https://rhn.redhat.com/errata/RHSA-2011-0506.html
Security
3	Top Page	http://www.rdesktop.org/

その他

No	Name	URL
Secunia Advisory
1	SA44200	http://secunia.com/advisories/44200
SecurityFocus
2	47419	http://www.securityfocus.com/bid/47419
SecurityTracker
3	1025525	http://www.securitytracker.com/id?1025525

Change Log

No	Changed Details	Date of change
0	[2011年06月03日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2011-1595

Summary	Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname.
Publication Date	May 25, 2011, 8:55 a.m.
Registration Date	Jan. 28, 2021, 4:38 p.m.
Last Update	Nov. 21, 2024, 10:26 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:rdesktop:rdesktop:1.4.0:::::::*
cpe:2.3:a:rdesktop:rdesktop::::::::		1.6.0
cpe:2.3:a:rdesktop:rdesktop:1.1.0:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.4.1:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.3.1:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.2.0:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.0.0:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.3.0:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.5.0:::::::*

Related information, measures and tools

No	URL	タグ
1	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061170.html
2	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061309.html
3	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061316.html
4	http://rdesktop.svn.sourceforge.net/viewvc/rdesktop?view=revision&revision=1626	Patch
5	http://secunia.com/advisories/44881
6	http://secunia.com/advisories/51023
7	http://security.gentoo.org/glsa/glsa-201210-03.xml
8	http://securitytracker.com/id?1025525
9	http://sourceforge.net/mailarchive/message.php?msg_id=27376554
10	http://sourceforge.net/projects/rdesktop/files/rdesktop/1.7.0/rdesktop-1.7.0.tar.gz/download	Patch
11	http://www.mandriva.com/security/advisories?name=MDVSA-2011:102
12	http://www.securityfocus.com/bid/47419
13	http://www.ubuntu.com/usn/USN-1136-1
14	https://bugzilla.redhat.com/show_bug.cgi?id=676252	Exploit Patch
15	https://rhn.redhat.com/errata/RHSA-2011-0506.html
16	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061170.html
17	https://rhn.redhat.com/errata/RHSA-2011-0506.html
18	https://bugzilla.redhat.com/show_bug.cgi?id=676252	Exploit Patch
19	http://www.ubuntu.com/usn/USN-1136-1
20	http://www.securityfocus.com/bid/47419
21	http://www.mandriva.com/security/advisories?name=MDVSA-2011:102
22	http://sourceforge.net/projects/rdesktop/files/rdesktop/1.7.0/rdesktop-1.7.0.tar.gz/download	Patch
23	http://sourceforge.net/mailarchive/message.php?msg_id=27376554
24	http://securitytracker.com/id?1025525
25	http://security.gentoo.org/glsa/glsa-201210-03.xml
26	http://secunia.com/advisories/51023
27	http://secunia.com/advisories/44881
28	http://rdesktop.svn.sourceforge.net/viewvc/rdesktop?view=revision&revision=1626	Patch
29	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061316.html
30	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061309.html

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-22	パス・トラバーサル	https://cwe.mitre.org/data/definitions/22.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:rdesktop:rdesktop:1.4.0:::::::*
cpe:2.3:a:rdesktop:rdesktop::::::::		1.6.0
cpe:2.3:a:rdesktop:rdesktop:1.1.0:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.4.1:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.3.1:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.2.0:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.0.0:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.3.0:::::::*
cpe:2.3:a:rdesktop:rdesktop:1.5.0:::::::*