LinuxSecurity.com
Ubuntu: rsync vulnerability
Posted by Benjamin D. Thomas   
=========================================================== 
Ubuntu Security Notice USN-500-1            August 20, 2007
rsync vulnerability
CVE-2007-4091
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  rsync                                    2.6.6-1ubuntu2.1

Ubuntu 6.10:
  rsync                                    2.6.8-2ubuntu3.1

Ubuntu 7.04:
  rsync                                    2.6.9-3ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.
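The advisory gives one fixed package version per release, so the practical question on a given host is whether the installed rsync version sorts at or above that version under Debian's version ordering (on a live system, `dpkg --compare-versions INSTALLED ge FIXED` answers it). The block below is an added example, not part of the advisory and not Ubuntu or dpkg code: a C reimplementation of dpkg's comparison rules (epoch first, then upstream version, then Debian revision; numeric runs compare as integers, `~` sorts before everything including end of string) plus a lookup of the fixed versions quoted above. The table `usn500_fixed`, the function names and the sample installed version are this example's own assumptions.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Weight of one character in a non-numeric run, as dpkg orders them: '~' before
 * anything (even end of string), letters by ASCII, other punctuation after letters. */
static int order(int c)
{
    if (isdigit(c)) return 0;
    if (isalpha(c)) return c;
    if (c == '~') return -1;
    return c ? c + 256 : 0;
}

/* Compare two version fragments (upstream part or Debian revision) by alternating
 * non-digit runs and numeric runs; numeric runs compare as integers ("10" > "9"). */
static int verrevcmp(const char *a, const char *b)
{
    while (*a || *b) {
        int first_diff = 0;
        while ((*a && !isdigit((unsigned char)*a)) || (*b && !isdigit((unsigned char)*b))) {
            int ac = order((unsigned char)*a), bc = order((unsigned char)*b);
            if (ac != bc) return ac - bc;
            a++; b++;
        }
        while (*a == '0') a++;              /* leading zeros are insignificant */
        while (*b == '0') b++;
        while (isdigit((unsigned char)*a) && isdigit((unsigned char)*b)) {
            if (!first_diff) first_diff = *a - *b;
            a++; b++;
        }
        if (isdigit((unsigned char)*a)) return 1;   /* longer numeric run wins */
        if (isdigit((unsigned char)*b)) return -1;
        if (first_diff) return first_diff;
    }
    return 0;
}

/* Split "[epoch:]upstream[-revision]". Epoch defaults to 0; a missing revision
 * becomes "", which verrevcmp treats as equal to "0". */
static void split_version(const char *v, long *epoch, char *up, size_t upsz, char *rev, size_t revsz)
{
    const char *colon = strchr(v, ':');
    const char *body = colon ? colon + 1 : v;
    const char *dash = strrchr(body, '-');
    *epoch = colon ? strtol(v, NULL, 10) : 0;
    if (dash) {
        size_t n = (size_t)(dash - body);
        if (n >= upsz) n = upsz - 1;
        memcpy(up, body, n);
        up[n] = '\0';
        snprintf(rev, revsz, "%s", dash + 1);
    } else {
        snprintf(up, upsz, "%s", body);
        rev[0] = '\0';
    }
}

/* Full Debian version comparison: -1 if a < b, 0 if equal, 1 if a > b. */
int deb_version_cmp(const char *a, const char *b)
{
    long ea, eb;
    char ua[128], ra[128], ub[128], rb[128];
    int r;
    split_version(a, &ea, ua, sizeof ua, ra, sizeof ra);
    split_version(b, &eb, ub, sizeof ub, rb, sizeof rb);
    if (ea != eb) return ea < eb ? -1 : 1;
    r = verrevcmp(ua, ub);
    if (!r) r = verrevcmp(ra, rb);
    return (r > 0) - (r < 0);
}

/* Fixed versions quoted in USN-500-1, keyed by Ubuntu release (this table and
 * function are the example's own, not Ubuntu tooling). Returns 1 if `installed`
 * is at or above the fix, 0 if still affected, -1 if the release is not covered. */
int rsync_usn500_fixed(const char *release, const char *installed)
{
    static const struct { const char *rel, *fixed; } usn500_fixed[] = {
        { "6.06", "2.6.6-1ubuntu2.1" },
        { "6.10", "2.6.8-2ubuntu3.1" },
        { "7.04", "2.6.9-3ubuntu1.1" },
    };
    for (size_t i = 0; i < sizeof usn500_fixed / sizeof usn500_fixed[0]; i++)
        if (strcmp(usn500_fixed[i].rel, release) == 0)
            return deb_version_cmp(installed, usn500_fixed[i].fixed) >= 0;
    return -1;
}

int main(void)
{
    /* Constructed sample: what `dpkg-query -W -f='${Version}' rsync` would print
     * on an Ubuntu 6.06 host that has not yet taken the update. */
    const char *installed = "2.6.6-1ubuntu2";
    printf("Ubuntu 6.06, rsync %s: %s\n", installed,
           rsync_usn500_fixed("6.06", installed) == 1 ? "fixed" : "still affected");
    return 0;
}
```

The comparison is done on the full version string rather than by string equality because a later security or stable update (for example a hypothetical 2.6.6-1ubuntu2.2) must still count as fixed, and a pre-release marker such as `~rc1` must still sort below the final release.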

Details follow:

Sebastian Krahmer discovered that rsync contained an off-by-one
miscalculation when handling certain file paths.  By creating a specially
crafted tree of files and tricking an rsync server into processing them,
a remote attacker could write a single NULL to stack memory, possibly
leading to arbitrary code execution.
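The advisory describes the bug only by its effect: an off-by-one in a path length calculation that lets the terminating NUL land one byte past a stack buffer. The following added example is a generic illustration of that bug class and is not rsync's code; `join_path_vuln`, `join_path_fixed`, the buffer size `PATHBUF` and the sample directory and file names are the example's own assumptions. It builds "dir/name" into a fixed-size buffer with a length check that forgets the terminator, so an input of exactly buffer-size characters passes the check and the final '\0' overwrites whatever sits after the buffer. A canary byte placed right after the buffer stands in for the neighbouring stack slot, and the corrected routine beside it counts the terminator and rejects the same input.

```c
#include <stdio.h>
#include <string.h>

#define PATHBUF 16   /* small on purpose so an exact-fit input is easy to construct */

typedef int (*join_fn)(char *out, size_t bufsz, const char *dir, const char *name);

/* VULNERABLE: builds "dir/name" in out[bufsz]. The length check counts the
 * characters but not the terminating NUL, so when dir + '/' + name is exactly
 * bufsz bytes the check passes and out[bufsz] = '\0' writes one byte past the
 * buffer. On a real stack that byte belongs to whatever the compiler placed
 * next to the array. Returns 0 on success, -1 if the input is rejected. */
int join_path_vuln(char *out, size_t bufsz, const char *dir, const char *name)
{
    size_t dl = strlen(dir), nl = strlen(name);
    size_t need = dl + 1 + nl;          /* missing the +1 for '\0' */
    if (need > bufsz)                   /* should be need >= bufsz */
        return -1;
    memcpy(out, dir, dl);
    out[dl] = '/';
    memcpy(out + dl + 1, name, nl);
    out[need] = '\0';                   /* out[bufsz] when need == bufsz */
    return 0;
}

/* FIXED: account for the terminator before writing anything. */
int join_path_fixed(char *out, size_t bufsz, const char *dir, const char *name)
{
    size_t dl = strlen(dir), nl = strlen(name);
    if (dl + 1 + nl + 1 > bufsz)        /* '/' and '\0' both counted */
        return -1;
    memcpy(out, dir, dl);
    out[dl] = '/';
    memcpy(out + dl + 1, name, nl);
    out[dl + 1 + nl] = '\0';
    return 0;
}

/* Calls join() with a PATHBUF-byte buffer followed by one extra byte, 0xAA,
 * standing in for the adjacent stack slot. The storage is PATHBUF + 1 bytes so
 * the off-by-one write stays inside it and can be observed instead of
 * corrupting this function's own frame. Returns 1 if the neighbour byte was
 * changed, 0 if not; *rc receives join()'s return value. */
static int spills(join_fn join, const char *dir, const char *name, int *rc)
{
    char storage[PATHBUF + 1];
    memset(storage, 'X', sizeof storage);
    storage[PATHBUF] = (char)0xAA;
    *rc = join(storage, PATHBUF, dir, name);
    return (unsigned char)storage[PATHBUF] != 0xAA;
}

/* Constructed inputs: "incoming" (8) + '/' + "payload" (7) is exactly PATHBUF
 * bytes, the one length the vulnerable check gets wrong. */
int vuln_spills_on_exact_fit(void)
{
    int rc;
    return spills(join_path_vuln, "incoming", "payload", &rc) == 1 && rc == 0;
}

int fixed_rejects_exact_fit(void)
{
    int rc;
    return spills(join_path_fixed, "incoming", "payload", &rc) == 0 && rc == -1;
}

/* Inputs that leave room for the terminator are accepted by the fixed routine. */
int fixed_accepts_short(void)
{
    char buf[PATHBUF];
    return join_path_fixed(buf, sizeof buf, "in", "x") == 0 && strcmp(buf, "in/x") == 0;
}

int main(void)
{
    printf("vulnerable join overwrites neighbour byte on exact fit: %s\n",
           vuln_spills_on_exact_fit() ? "yes" : "no");
    printf("fixed join rejects exact fit: %s\n",
           fixed_rejects_exact_fit() ? "yes" : "no");
    return 0;
}
```

The overwritten byte becomes 0x00, which is why a bug of this shape is described as writing "a single NULL": the attacker does not choose the value, only which path length triggers the write. Whether that single byte is exploitable depends on what the compiler placed after the buffer, which is why the advisory says "possibly leading to arbitrary code execution" rather than asserting it.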


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.6-1ubuntu2.1.diff.gz
      Size/MD5:    55161 6cd634cb545886794ed771279df893e9
    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.6-1ubuntu2.1.dsc
      Size/MD5:      561 7324148228173c642ca48092b09321ca
    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.6.orig.tar.gz
      Size/MD5:   690066 30c4e2849cbeae93f55548453865c2f2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.6-1ubuntu2.1_amd64.deb
      Size/MD5:   237356 3c9887ee275f3bd3a84589dc326f73f9

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.6-1ubuntu2.1_i386.deb
      Size/MD5:   219748 89dfc44e3c8a5f897b3146391189de51

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.6-1ubuntu2.1_powerpc.deb
      Size/MD5:   238266 3c8ffb7ddb73b7466e461bc9b3567792

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.6-1ubuntu2.1_sparc.deb
      Size/MD5:   227912 b68f2d7df5958c60db8d928d82c807e4

Updated packages for Ubuntu 6.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.8-2ubuntu3.1.diff.gz
      Size/MD5:    63808 646a700128fa9b8478d34792887c4276
    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.8-2ubuntu3.1.dsc
      Size/MD5:      561 87b5f9f829775716738a588fe1449d0d
    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.8.orig.tar.gz
      Size/MD5:   772314 082a9dba1f741e6591e5cd748a1233de

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.8-2ubuntu3.1_amd64.deb
      Size/MD5:   260992 67a07bb1085ea883eef3b232c65e3b50

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.8-2ubuntu3.1_i386.deb
      Size/MD5:   248638 00b6f25e96fad7b0de2501ec3e8d2f6c

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.8-2ubuntu3.1_powerpc.deb
      Size/MD5:   264226 9b946b0454917f152a8ecda634082216

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.8-2ubuntu3.1_sparc.deb
      Size/MD5:   255870 87c614c1185a065852479535a27c978e

Updated packages for Ubuntu 7.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.9-3ubuntu1.1.diff.gz
      Size/MD5:    38919 44b95b6f0725b0833e335d026005f7dd
    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.9-3ubuntu1.1.dsc
      Size/MD5:      658 efdb8c45d0e7d0ec1190af90608b2e42
    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.9.orig.tar.gz
      Size/MD5:   811841 996d8d8831dbca17910094e56dcb5942

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.9-3ubuntu1.1_amd64.deb
      Size/MD5:   275860 b6bb111fe5c03e7dab73800360ea0787

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.9-3ubuntu1.1_i386.deb
      Size/MD5:   261948 d4369b89eb66a7c806ccd10ae84e7d15

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.9-3ubuntu1.1_powerpc.deb
      Size/MD5:   282332 13e0995bce9e9808f881ce9c01be5965

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/r/rsync/rsync_2.6.9-3ubuntu1.1_sparc.deb
      Size/MD5:   270036 e344c2522560161406eedbd7c111d584


 
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.