Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 7.5
CVE Id CVE-2008-1720
Last Modified 07 Mar 2011 10:07:31
Published 10 Apr 2008 03:05:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1720

Summary

Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.

Vulnerable Systems

Application

  • Samba Rsync 2.6.9

  • Samba Rsync 2.7.0

  • Samba Rsync 2.7.1

  • Samba Rsync 2.7.2

  • Samba Rsync 2.7.3

  • Samba Rsync 2.7.4

  • Samba Rsync 2.7.5

  • Samba Rsync 2.7.6

  • Samba Rsync 2.7.7

  • Samba Rsync 2.7.8

  • Samba Rsync 2.7.9

  • Samba Rsync 2.8.0

  • Samba Rsync 2.8.1

  • Samba Rsync 2.8.2

  • Samba Rsync 2.8.3

  • Samba Rsync 2.8.4

  • Samba Rsync 2.8.5

  • Samba Rsync 2.8.6

  • Samba Rsync 2.8.7

  • Samba Rsync 2.8.8

  • Samba Rsync 2.8.9

  • Samba Rsync 2.9.0

  • Samba Rsync 2.9.1

  • Samba Rsync 2.9.2

  • Samba Rsync 2.9.3

  • Samba Rsync 2.9.4

  • Samba Rsync 2.9.5

  • Samba Rsync 2.9.6

  • Samba Rsync 2.9.7

  • Samba Rsync 2.9.8

  • Samba Rsync 2.9.9

  • Samba Rsync 3.0.0

  • Samba Rsync 3.0.1


References

CONFIRM - http://samba.anu.edu.au/rsync/security.html#s3_0_2

CONFIRM - http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff

VUPEN - ADV-2008-1215

VUPEN - ADV-2008-1191

HP - SSRT090062

FEDORA - FEDORA-2008-3060

FEDORA - FEDORA-2008-3047

XF - rsync-xattr-bo(41766)

UBUNTU - USN-600-1

SECTRACK - 1019835

BID - 28726

OSVDB - 44369

OSVDB - 44368

MANDRIVA - MDVSA-2008:084

MLIST - [rsync-announce] 20080408 Rsync 3.0.2 released w/xattr security fix (attn: 2.6.9 onward)

DEBIAN - DSA-1545

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=591462&group_id=69227

GENTOO - GLSA-200804-16

SECUNIA - 29861

SECUNIA - 29856

SECUNIA - 29788

SECUNIA - 29781

SECUNIA - 29777

SECUNIA - 29770

SECUNIA - 29668

SUSE - SUSE-SR:2008:011

HP - HPSBMA02447


Last Updated: 27 May 2016 10:47:28