Описание
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-1720
- https://access.redhat.com/security/cve/CVE-2008-1720
- https://bugzilla.redhat.com/show_bug.cgi?id=441683
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41766
- https://usn.ubuntu.com/600-1
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00237.html
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00247.html
- http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
- http://marc.info/?l=bugtraq&m=125017764422557&w=2
- http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff
- http://samba.anu.edu.au/rsync/security.html#s3_0_2
- http://secunia.com/advisories/29668
- http://secunia.com/advisories/29770
- http://secunia.com/advisories/29777
- http://secunia.com/advisories/29781
- http://secunia.com/advisories/29788
- http://secunia.com/advisories/29856
- http://secunia.com/advisories/29861
- http://security.gentoo.org/glsa/glsa-200804-16.xml
- http://sourceforge.net/project/shownotes.php?release_id=591462&group_id=69227
- http://www.debian.org/security/2008/dsa-1545
- http://www.mail-archive.com/rsync-announce%40lists.samba.org/msg00057.html
- http://www.mail-archive.com/rsync-announce@lists.samba.org/msg00057.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:084
- http://www.osvdb.org/44368
- http://www.osvdb.org/44369
- http://www.securityfocus.com/bid/28726
- http://www.securitytracker.com/id?1019835
- http://www.vupen.com/english/advisories/2008/1191/references
- http://www.vupen.com/english/advisories/2008/1215/references
Связанные уязвимости
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xatt ...
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации