Executive Summary
| Summary | |
|---|---|
| Title | Updated rsync packages fix restrictions bypass vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | MDVSA-2008:011 | First vendor Publication | 2008-01-11 |
| Vendor | Mandriva | Last vendor Modification | 2008-01-11 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy. (CVE-2007-6199) Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options. (CVE-2007-6200) This update fixes these issues. It is recommended users (specially system and network administrators) read the manpage about the introduced munge symlinks feature. This update also upgrades rsync to version 2.6.9 for all Mandriva Linux versions earlier than 2008.0. |
Original Source
| Url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:011 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 50 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 50 % | CWE-16 | Configuration |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:21980 | |||
| Oval ID: | oval:org.mitre.oval:def:21980 | ||
| Title: | RHSA-2011:0999: rsync security, bug fix, and enhancement update (Moderate) | ||
| Description: | Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:0999-01 CESA-2011:0999 CVE-2007-6200 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | rsync |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23344 | |||
| Oval ID: | oval:org.mitre.oval:def:23344 | ||
| Title: | ELSA-2011:0999: rsync security, bug fix, and enhancement update (Moderate) | ||
| Description: | Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011:0999-01 CVE-2007-6200 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | rsync |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:28107 | |||
| Oval ID: | oval:org.mitre.oval:def:28107 | ||
| Title: | DEPRECATED: ELSA-2011-0999 -- rsync security, bug fix, and enhancement update (moderate) | ||
| Description: | [3.0.6-4] - fix #700450 - free parsed hostnames - fix #575022 - set TZ variable after chroot [3.0.6-3] - Add upstream patch to fix CVE-2011-1097 - Incremental file-list corruption due to temporary file_extra_cnt increments Resolves: #688923 [3.0.6-2] - Remove BuildRequires dependency on popt-devel, until the package is being shipped with RHEL-5 (resolve build issues) [3.0.6-1] - Rebase to upstream version 3.0.6 Resolves: #339971, #471182, #575022, #616093 - Make '-d, --dirs options' behaviour backward-compatible with 2.6.8 Resolves: #339971 (comment #5) - Truncate a copied sparse file at the end of transaction (-S, --sparse option) Resolves: #530866 - Add -fno-strict-aliasing to CFLAGS - Remove obsolete rsync-2.6.8-xattr_bug.patch - Switch license to GPLv3+ (upstream change beginning with 3.0.0) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0999 CVE-2007-6200 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | rsync |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-07-30 | Name : CentOS Update for rsync CESA-2011:0999 centos5 x86_64 File : nvt/gb_CESA-2011_0999_rsync_centos5_x86_64.nasl |
| 2011-09-23 | Name : CentOS Update for rsync CESA-2011:0999 centos5 i386 File : nvt/gb_CESA-2011_0999_rsync_centos5_i386.nasl |
| 2011-07-22 | Name : RedHat Update for rsync RHSA-2011:0999-01 File : nvt/gb_RHSA-2011_0999-01_rsync.nasl |
| 2010-05-12 | Name : Mac OS X Security Update 2008-005 File : nvt/macosx_secupd_2008-005.nasl |
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2009-10-13 | Name : SLES10: Security update for rsync File : nvt/sles10_rsync.nasl |
| 2009-10-10 | Name : SLES9: Security update for rsync File : nvt/sles9p5012702.nasl |
| 2009-04-09 | Name : Mandriva Update for rsync MDVSA-2008:011 (rsync) File : nvt/gb_mandriva_MDVSA_2008_011.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 39594 | rsync Unspecified Restricted File Remote Access |
| 39593 | rsync Unspecified Remote Restriction Bypass |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-04-23 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15549.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1090.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110721_rsync_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2011-09-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2011-0999.nasl - Type : ACT_GATHER_INFO |
| 2011-07-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0999.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12038.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2008-011.nasl - Type : ACT_GATHER_INFO |
| 2008-08-01 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-005.nasl - Type : ACT_GATHER_INFO |
| 2007-12-24 | Name : The remote openSUSE host is missing a security update. File : suse_rsync-4793.nasl - Type : ACT_GATHER_INFO |
| 2007-12-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_rsync-4798.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:39:07 |
|
