Test ID:	1.3.6.1.4.1.25623.1.0.69679
Category:	Mandrake Local Security Checks
Title:	Mandriva Security Advisory MDVSA-2011:102 (rdesktop)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to rdesktop announced via advisory MDVSA-2011:102. A vulnerability has been identified and fixed in rdesktop: Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname (CVE-2011-1595). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php\?cPath=149\&products_id=490 The updated packages have been patched to correct this issue. Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2011:102 Risk factor : Medium CVSS Score: 4.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1595 1025525 http://securitytracker.com/id?1025525 44881 http://secunia.com/advisories/44881 47419 http://www.securityfocus.com/bid/47419 51023 http://secunia.com/advisories/51023 FEDORA-2011-7688 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061170.html FEDORA-2011-7694 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061309.html FEDORA-2011-7697 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061316.html GLSA-201210-03 http://security.gentoo.org/glsa/glsa-201210-03.xml MDVSA-2011:102 http://www.mandriva.com/security/advisories?name=MDVSA-2011:102 RHSA-2011:0506 https://rhn.redhat.com/errata/RHSA-2011-0506.html USN-1136-1 http://www.ubuntu.com/usn/USN-1136-1 [rdesktop-announce] 20110418 rdesktop 1.7.0 released http://sourceforge.net/mailarchive/message.php?msg_id=27376554 http://rdesktop.svn.sourceforge.net/viewvc/rdesktop?view=revision&revision=1626 http://sourceforge.net/projects/rdesktop/files/rdesktop/1.7.0/rdesktop-1.7.0.tar.gz/download https://bugzilla.redhat.com/show_bug.cgi?id=676252
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.