Lucene search

K
rosalinuxROSA LABROSA-SA-2021-1964
HistoryJul 02, 2021 - 6:04 p.m.

Advisory ROSA-SA-2021-1964

2021-07-0218:04:47
ROSA LAB
abf.rosalinux.ru
11

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

Low

0.087 Low

EPSS

Percentile

94.5%

Software: rsync 3.1.2
OS: Cobalt 7.9

CVE-ID: CVE-2017-15994
CVE-Crit: CRITICAL
CVE-DESC: rsync 3.1.3-development before 10/24-2017 incorrectly handles outdated checksums, making it easy for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch is widely used not only by rsync developers, for example, the code has been copied for use in various GitHub projects.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2017-17433
CVE-Crit: LOW
CVE-DESC: The recv_files function in the Receiver.c file in daemon in rsync 3.1.2 and 3.1.3-development until 2017-12-03 continues certain file metadata updates before checking the file name in the daemon_filter_list data structure, allowing remote attackers to bypass intended access restrictions.
CVE-STATUS: default
CVE-REV: Default

CVE-ID: CVE-2017-17434
CVE-Crit: CRITICAL
CVE-DESC: daemon in rsync 3.1.2 and 3.1.3-development before 03.12.2017 does not check fnamecmp filenames in daemon_filter_list data structure (in recv_files function in Receiver.c file), nor does it. apply the sanitize_paths protection mechanism to path names found in “xname follow” strings (in the read_ndx_and_attrs function in rsync.c), allowing remote attackers to bypass intended access restrictions.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2017-16548
CVE-Crit: CRITICAL
CVE-DESC: The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check the terminating character ‘\ 0’ in the xattr name, allowing remote attackers to cause a denial of service (heap -based buffer re-read and application crash) or possibly have an unspecified other impact by sending created data to the daemon.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2018-5764
CVE-Crit: HIGH
CVE-DESC: The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple uses of --protect-args, allowing remote attackers to bypass the argument scrubbing protection mechanism.
CVE-STATUS: default
CVE-REV: default

OSVersionArchitecturePackageVersionFilename
Cobaltanynoarchrsync< 3.1.2UNKNOWN

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

Low

0.087 Low

EPSS

Percentile

94.5%