Описание
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).
A flaw was found in rsync that is triggered by a victim rsync user/client connecting to a malicious rsync server. The server can copy and overwrite arbitrary files in the client's rsync target directory and subdirectories. This flaw allows a malicious server, or in some cases, another attacker who performs a man-in-the-middle attack, to potentially overwrite sensitive files on the client machine, resulting in further exploitation.
Меры по смягчению последствий
Only connecting to trusted Rsync servers over trusted channels would help to mitigate this flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | rsync | Out of support scope | ||
| Red Hat Enterprise Linux 7 | rsync | Fixed | RHSA-2022:6170 | 24.08.2022 |
| Red Hat Enterprise Linux 8 | rsync | Fixed | RHSA-2022:6180 | 24.08.2022 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | rsync | Fixed | RHSA-2022:6173 | 24.08.2022 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | rsync | Fixed | RHSA-2022:6172 | 24.08.2022 |
| Red Hat Enterprise Linux 8.4 Extended Update Support | rsync | Fixed | RHSA-2022:6171 | 24.08.2022 |
| Red Hat Enterprise Linux 9 | rsync | Fixed | RHSA-2022:6181 | 24.08.2022 |
| Red Hat Enterprise Linux 9 | rsync | Fixed | RHSA-2022:6181 | 24.08.2022 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | redhat-virtualization-host | Fixed | RHSA-2022:6551 | 19.09.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.4 High
CVSS3
Связанные уязвимости
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).
An issue was discovered in rsync before 3.2.5 that allows malicious re ...
EPSS
7.4 High
CVSS3