14 matches found
Mandriva Linux Security Advisory : rsync (MDVSA-2008:084)
Sebastian Krahmer of SUSE discovered that rsync could overflow when handling ACLs. An attacker could construct a malicious set of files that, when processed, could lead to arbitrary code execution or a crash CVE-2008-1720. The updated packages have been patched to correct this issue. %NASLMINLEVE...
Mandriva Update for rsync MDVSA-2008:084 (rsync)
Check for the Version of rsync OpenVAS Vulnerability Test Mandriva Update for rsync MDVSA-2008:084 rsync Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Ubuntu Update for rsync vulnerability USN-600-1
Ubuntu Update for Linux kernel vulnerabilities USN-600-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6001.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for rsync vulnerability USN-600-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Fedora Update for rsync FEDORA-2008-3060
Check for the Version of rsync OpenVAS Vulnerability Test Fedora Update for rsync FEDORA-2008-3060 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Fedora Update for rsync FEDORA-2008-3060
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for rsync FEDORA-2008-3047
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
openSUSE 10 Security Update : rsync (rsync-5207)
A remotely exploitable heap overflow in rsync's xattr code has been fixed. CVE-2008-1720 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update rsync-5207. The text...
Debian Security Advisory DSA 1545-1 (rsync)
The remote host is missing an update to rsync announced via advisory DSA 1545-1. OpenVAS Vulnerability Test $Id: deb15451.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1545-1 rsync Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian DSA-1545-1 : rsync - integer overflow
Sebastian Krahmer discovered that an integer overflow in rsync's code for handling extended attributes may lead to arbitrary code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
Rsync xattr支持整数溢出漏洞
BUGTRAQ ID: 28726 CVECAN ID: CVE-2008-1720 rsync是一个快速增量文件传输工具,用于在同一主机备份内部的备份。 rsync处理扩展属性数据时存在漏洞,如果rsync启用了扩展属性(xattr)支持的话,则负责处理该属性的代码中的整数溢出漏洞可能导致执行任意指令。 rsync rsync 2.6.9 - 3.0.1 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1545-1)以及相应补丁: DSA-1545-1:New rsync packages fix arbitrary code execution...
[SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1545-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 10, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1545-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 10, 2008 http://www.debian.org/security/faq -...
CVE-2008-1720
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute xattr support enabled, might allow remote attackers to execute arbitrary code via unknown vectors...
CVE-2008-1720
CVE-2008-1720 concerns rsync, where a buffer/overflow issue in rsync 2.6.9–3.0.1 with extended attribute support enabled can allow a remote attacker to execute arbitrary code or crash. Public sources attribute the overflow to handling of ACLs/xattr, enabling remote code execution or instability u...