CVE-2011-0901
published 2011-02-07CVE-2011-0901: Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other…
PriorityP338medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
4.52%
90.3th percentile
Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long (1) username, (2) password, or (3) domain argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| erick_woods | terminal_server_client | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vendor_redhat6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
tsclient: multiple stack-based buffer overflows in tsc_launch_remote()
vendor_redhat·2011-02-02·CVSS 6.8
CVE-2011-0901 [MEDIUM] CWE-121 tsclient: multiple stack-based buffer overflows in tsc_launch_remote()
tsclient: multiple stack-based buffer overflows in tsc_launch_remote()
Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long (1) username, (2) password, or (3) domain argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Package: tsclient (Red Hat Enterprise Linux 4) - Affected
Package: tsclient (Red Hat Enterprise Linux 5) - Affected
Package: tsclient (Red Hat Enterprise Linux 6) - Under investigation
GHSA
GHSA-8phm-24vg-g4ph: Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support
ghsa_unreviewed·2022-05-17
CVE-2011-0901 [MEDIUM] CWE-119 GHSA-8phm-24vg-g4ph: Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support
Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long (1) username, (2) password, or (3) domain argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
No detection rules found.
http://osvdb.org/70749http://secunia.com/advisories/43120https://exchange.xforce.ibmcloud.com/vulnerabilities/65101https://exchange.xforce.ibmcloud.com/vulnerabilities/65102https://exchange.xforce.ibmcloud.com/vulnerabilities/65103http://osvdb.org/70749http://secunia.com/advisories/43120https://exchange.xforce.ibmcloud.com/vulnerabilities/65101https://exchange.xforce.ibmcloud.com/vulnerabilities/65102https://exchange.xforce.ibmcloud.com/vulnerabilities/65103
2011-02-07
Published