Candidate: CVE-2011-0900
PublicDate: 2011-02-07 21:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0900
 http://www.exploit-db.com/exploits/16095/
Description:
 Stack-based buffer overflow in the tsc_launch_remote function
 (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly
 other versions, allows user-assisted remote attackers to execute arbitrary
 code via a .RDP file with a long hostname argument.
Ubuntu-Description:
Notes:
 jdstrand> should be protected by stack-protector (investigate)
 jdstrand> no patch from upstream sbversion as of 2011-02-08
  (http://tsclient.svn.sourceforge.net/viewvc/tsclient/)
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_tsclient:
Tags_tsclient: stack-protector
upstream_tsclient: needs-triage
dapper_tsclient: ignored (reached end-of-life)
hardy_tsclient: ignored (reached end-of-life)
karmic_tsclient: ignored (reached end-of-life)
lucid_tsclient: ignored (reached end-of-life)
maverick_tsclient: ignored (reached end-of-life)
natty_tsclient: ignored (reached end-of-life)
oneiric_tsclient: DNE
precise_tsclient: DNE
quantal_tsclient: DNE
raring_tsclient: DNE
devel_tsclient: DNE