Scientific Linux Security Update : rdesktop on SL5.x, SL6.x i386/x86_64
Medium Nessus Plugin ID 61037
SynopsisThe remote Scientific Linux host is missing a security update.
DescriptionA directory traversal flaw was found in the way rdesktop shared a local path with a remote server. If a user connects to a malicious server with rdesktop, the server could use this flaw to cause rdesktop to read and write to arbitrary, local files accessible to the user running rdesktop. (CVE-2011-1595)
SolutionUpdate the affected rdesktop package.