Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » CLA-2002:458-Remote vulnerability in rsync

CLA-2002:458-Remote vulnerability in rsync

by Nikola Strahija on January 25th, 2002 "rsync" is a program used mainly to mirror files between remote sites. Some variables could receive a negative value, and this was a condition that was not expected by the program. A remote attacker could exploit this to execute commands on the rsync server.


"rsync" is a program used mainly to mirror files between remote
sites.

Sebastian Krahmer from SuSe did an audit on the rsync source code and
found several vulneranilities regarding the use of signed integers.
Some variables could receive a negative value, and this was a
condition that was not expected by the program. A remote attacker
could exploit this to execute commands on the rsync server.


SOLUTION
It is recommended that all rsync users upgrade their packages.

IMPORTANT: please stop all rsync processes before upgrading. This
will ensure that no old vulnerable copies will be left running. If
rsync is running in daemon mode, it has to be restarted manually
after upgrading.
If rsync is being started by inetd or xinetd, then no further action
is necessary after the upgrade, since these tools will automatically
use the upgraded package.


DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/rsync-2.4.6-4U50_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/rsync-2.4.6-4U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/rsync-2.4.6-4U51_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/rsync-2.4.6-4U51_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/rsync-2.4.6-4U60_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/rsync-2.4.6-4U60_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/rsync-2.4.6-4U70_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/rsync-2.4.6-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/rsync-2.4.6-4U50_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/rsync-2.4.6-4U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/rsync-2.4.6-4U50_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/rsync-2.4.6-4U50_1cl.i386.rpm


ADDITIONAL INSTRUCTIONS
Users of Conectiva Linux version 6.0 or higher may use apt to perform
upgrades of RPM packages:
- add the following line to /etc/apt/sources.list if it is not there yet
(you may also use linuxconf to do this):

rpm [cncbr] ftp://atualizacoes.conectiva.com.br 6.0/conectiva updates

(replace 6.0 with the correct version number if you are not running CL6.0)

- run: apt-get update
- after that, execute: apt-get upgrade

Detailed instructions reagarding the use of apt and upgrade examples
can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »