ID CVE-2007-4091
Summary Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function.
References
Vulnerable Configurations
  • cpe:2.3:a:rsync:rsync:2.6.9:*:*:*:*:*:*:*
    cpe:2.3:a:rsync:rsync:2.6.9:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 15-10-2018 - 21:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 25336
bugtraq 20070823 FLEA-2007-0047-1 rsync
confirm
debian DSA-1360
gentoo GLSA-200709-13
secunia
  • 26493
  • 26518
  • 26537
  • 26543
  • 26548
  • 26634
  • 26822
  • 26911
  • 27896
  • 61039
slackware SSA:2007-335-01
suse SUSE-SR:2007:017
trustix 2007-0026
ubuntu USN-500-1
vupen ADV-2007-2915
xf rsync-fname-bo(36072)
statements via4
contributor Mark J Cox
lastmodified 2007-08-22
organization Red Hat
statement Not vulnerable. This flaw did not affect Red Hat Enterprise Linux 2.1, 3, or 4 due to the version of rsync. This flaw does exist in Red Hat Enterprise Linux 5, but due to the nature of the flaw it is not exploitable with any security consequence due to stack-protector.
Last major update 15-10-2018 - 21:33
Published 16-08-2007 - 00:17
Back to Top