Lucene search

PRIOn knowledge basePRION:CVE-2006-2083

HistoryApr 28, 2006 - 9:02 p.m.

Integer overflow

2006-04-2821:02:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.6%

JSON

Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow.

CPENameOperatorVersion
rsynceq2.6.7
rsynceq2.6.4
rsynceq2.6.5
rsynceq2.6.2
rsynceq2.6.1
rsynceq2.6.6
rsynceq2.6.0
rsynceq2.6.3

Name	Operator	Version
rsync	eq	2.6.7
rsync	eq	2.6.4
rsync	eq	2.6.5
rsync	eq	2.6.2
rsync	eq	2.6.1
rsync	eq	2.6.6
rsync	eq	2.6.0
rsync	eq	2.6.3

References

samba.anu.edu.au/ftp/rsync/rsync-2.6.8-NEWS

secunia.com/advisories/19920

secunia.com/advisories/19964

secunia.com/advisories/20011

www.gentoo.org/security/en/glsa/glsa-200605-05.xml

www.securityfocus.com/bid/17788

www.trustix.org/errata/2006/0024

www.vupen.com/english/advisories/2006/1606

exchange.xforce.ibmcloud.com/vulnerabilities/26208

8.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.6%

JSON

Related for PRION:CVE-2006-2083