Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 564
Alerts This Week
Warning Icon 1 564

Gentoo: GLSA-200804-16 High: Rsync Buffer Overflow Risk

gentoo
Calendar Grey April 17, 2008
Scroller Gentoo
Due to a buffer overflow vulnerability, Rsync could enable remote execution of arbitrary commands. Ensure you update to the most recent version without delay.
A buffer overflow in rsync might lead to the remote execution of arbitrary code when extended attributes are being used.

Summary

Gentoo Linux Security Advisory GLSA 200804-16 https://security.gentoo.org/ Severity: High Title: rsync: Execution of arbitrary code Date: April 17, 2008 Bugs: #216887 ID: 200804-16

Synopsis ======= A buffer overflow in rsync might lead to the remote execution of arbitrary code when extended attributes are being used.
Background ========= rsync is a file transfer program to keep remote directories synchronized.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/rsync < 2.6.9-r6 >= 2.6.9-r6
========== Sebastian Krahmer of SUSE reported an integer overflow in the expand_item_list() function in the file util.c which might lead to a heap-based buffer overf...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround