Описание
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2011-1097
- https://bugzilla.redhat.com/show_bug.cgi?id=675036
- https://bugzilla.samba.org/show_bug.cgi?id=7936
- http://gitweb.samba.org/?p=rsync.git%3Ba=commit%3Bh=83b94efa6b60a3ff5eee4c5f7812c617a90a03f6
- http://gitweb.samba.org/?p=rsync.git;a=commit;h=83b94efa6b60a3ff5eee4c5f7812c617a90a03f6
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057641.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057736.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057737.html
- http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
- http://lists.samba.org/archive/rsync/2011-January/025988.html
- http://marc.info/?l=bugtraq&m=133226187115472&w=2
- http://rsync.samba.org/ftp/rsync/src/rsync-3.0.8-NEWS
- http://secunia.com/advisories/44071
- http://secunia.com/advisories/44088
- http://securitytracker.com/id?1025256
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:066
- http://www.redhat.com/support/errata/RHSA-2011-0390.html
- http://www.vupen.com/english/advisories/2011/0792
- http://www.vupen.com/english/advisories/2011/0793
- http://www.vupen.com/english/advisories/2011/0873
- http://www.vupen.com/english/advisories/2011/0876
Связанные уязвимости
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownershi ...
