Rsync Heap Overflow in Daemon Mode Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1008380
CVE Reference: CAN-2003-0962
Date: Dec 4 2003
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 2.5.6 and prior versions
Description: A heap overflow vulnerability was reported in rsync. A remote user can execute arbitrary code on the target system.
It is reported that a remote user can connect to a target server running rsync in daemon mode (the rsync daemon listens on TCP port 873 by default) and send specially crafted data that overflows a heap buffer and
executes arbitrary code. The code will run with the privileges of the rsync daemon process.
Only systems that run rsync as a daemon (started with --daemon, or from inetd/xinetd) are reportedly affected;
rsync invoked over a remote shell such as ssh does not use daemon mode.
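The following audit script is an added example, not part of this alert or of the rsync project. It checks the locally installed rsync version against 2.5.7, looks for a running daemon, and parses an rsyncd.conf for modules that disable `use chroot`. It assumes rsync (if installed) is on PATH and that the daemon configuration, if any, is /etc/rsyncd.conf; the configuration text embedded in SAMPLE_CONF is constructed for the demonstration.

```shell
#!/bin/sh
# Added local audit for CAN-2003-0962 exposure. Not from the SecurityTracker
# alert or the rsync project. Assumptions: rsync (if installed) is on PATH and
# the daemon config, if any, lives at /etc/rsyncd.conf.

# Return 0 if the version in $1 (first line of `rsync --version`, e.g.
# "rsync  version 2.5.6  protocol version 26") is older than 2.5.7,
# 1 if it is 2.5.7 or newer, 2 if the line cannot be parsed.
rsync_version_vulnerable() {
    ver=$(printf '%s\n' "$1" | sed -n 's/^rsync *version \([0-9][0-9.]*\).*/\1/p')
    [ -n "$ver" ] || return 2
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    [ "$patch" = "$rest" ] && patch=0      # "2.5" with no patch level
    [ "$major" -lt 2 ] && return 0
    [ "$major" -gt 2 ] && return 1
    [ "$minor" -lt 5 ] && return 0
    [ "$minor" -gt 5 ] && return 1
    [ "$patch" -lt 7 ]
}

# Print the names of modules in an rsyncd.conf (read from stdin) that run with
# "use chroot" disabled, either set in the module itself or inherited from the
# global section. rsync's default for "use chroot" is yes, so only an explicit
# no/false/0 is reported.
rsyncd_chroot_disabled() {
    awk '
        /^[ \t]*[#;]/ { next }                       # comment line
        /^[ \t]*\[/ {                                # [module] header
            sub(/^[ \t]*\[/, ""); sub(/][ \t]*$/, "")
            mod = $0; setting[mod] = global; next
        }
        /^[ \t]*use chroot[ \t]*=/ {
            v = tolower($0); sub(/.*=[ \t]*/, "", v); sub(/[ \t]*$/, "", v)
            if (mod == "") global = v; else setting[mod] = v
            next
        }
        END {
            for (m in setting)
                if (setting[m] == "no" || setting[m] == "false" || setting[m] == "0")
                    print m
        }
    '
}

# Return 0 if an rsync daemon appears to be running: an "rsync --daemon"
# process, or a TCP listener on port 873. Best effort only.
rsync_daemon_running() {
    ps -ef 2>/dev/null | grep -v grep | grep -q 'rsync .*--daemon' && return 0
    if command -v ss >/dev/null 2>&1; then
        ss -ltn 2>/dev/null | grep -q ':873[[:space:]]' && return 0
    elif command -v netstat >/dev/null 2>&1; then
        netstat -ltn 2>/dev/null | grep -q ':873[[:space:]]' && return 0
    fi
    return 1
}

# Constructed sample configuration used to demonstrate the check; not a real file.
SAMPLE_CONF='# constructed rsyncd.conf
use chroot = no
[pub]
    path = /srv/pub
[priv]
    path = /srv/priv
    use chroot = yes
[ftp]
    path = /srv/ftp
    use chroot = No'

# Report on this host.
if command -v rsync >/dev/null 2>&1; then
    first=$(rsync --version 2>/dev/null | sed -n 1p)
    rsync_version_vulnerable "$first"; rc=$?
    case $rc in
        0) echo "rsync version is affected (older than 2.5.7): $first" ;;
        1) echo "rsync version is not affected by CAN-2003-0962: $first" ;;
        *) echo "could not parse rsync version line: $first" ;;
    esac
fi
if rsync_daemon_running; then
    echo "an rsync daemon appears to be running on this host"
fi
if [ -r /etc/rsyncd.conf ]; then
    echo "modules in /etc/rsyncd.conf with use chroot disabled:" \
        $(rsyncd_chroot_disabled < /etc/rsyncd.conf | sort)
fi
echo "modules in the constructed sample with use chroot disabled:" \
    $(printf '%s\n' "$SAMPLE_CONF" | rsyncd_chroot_disabled | sort)
```

The version check parses only the numeric part of the version line, so pre-release suffixes are ignored; the chroot check reports modules that inherit a global `use chroot = no` as well as those that set it themselves, which is the case an operator most easily overlooks.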
Impact: A remote user can execute arbitrary code with the privileges of the rsync daemon.
Solution: The vendor has released a fixed version (2.5.7) and also a patch for 2.5.6, available at:
http://rsync.samba.org/
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.6-2.5.7.diff.gz
Until the fix is applied, stopping the daemon or restricting access to TCP port 873 removes the remote exposure. Running the daemon with "use chroot = yes" (rsync's default) and with an unprivileged uid/gid for each module limits what code executing in the daemon process can reach, but does not remove the overflow.
Vendor URL: http://rsync.samba.org/
Cause: Boundary error
Underlying OS: Linux (Any), UNIX (Any)
Message History:
This archive entry has one or more follow-up message(s) listed below.
Source Message Contents
Date: Thu, 04 Dec 2003 05:40:06 -0500
Subject: rsync
It is reported that all versions of rsync prior to 2.5.7 contain a heap overflow. A
remote user can execute arbitrary code on the target system. Only systems that are running
rsync in daemon mode are affected.
CVE: CAN-2003-0962