(Fedora Issues Fix for FC1) Rsync Input Validation Error in sanitize_path() May Let Remote Users Read or Write Arbitrary Files
|
|
SecurityTracker Alert ID: 1011289 |
|
SecurityTracker URL: http://securitytracker.com/id/1011289
|
|
CVE Reference:
CAN-2004-0792
(Links to External Site)
|
Date: Sep 15 2004
|
Impact:
Disclosure of system information, Disclosure of user information, Modification of system information, Modification of user information
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): prior to 2.5.7-5
|
Description:
A vulnerability was reported in rsync when running in daemon mode with chroot disabled. A remote user may be able read or write files on the target system that are located outside of the module's path.
A remote user can supply a specially crafted path to cause the path cleaning function to generate an absolute filename instead of a relative one. The flaw resides in the sanitize_path() function.
|
Impact:
A remote user can obtain or potentially write files on the target system with the privileges of the rsync daemon.
|
Solution:
Fedora has released a fix, available at:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
01fb9ef513ef0d484efb1bd66e91ad69 SRPMS/rsync-2.5.7-5.fc1.1.src.rpm
dd13aba3dc99efc30ecaa0eeb49f242e x86_64/rsync-2.5.7-5.fc1.1.x86_64.rpm
d8963193e902465e632e0ed993e92f82 x86_64/debug/rsync-debuginfo-2.5.7-5.fc1.1.x86_64.rpm
bab0cb276f77596a6b9520401298764f i386/rsync-2.5.7-5.fc1.1.i386.rpm
094fa40ae453fddd43edce9fd10a054b i386/debug/rsync-debuginfo-2.5.7-5.fc1.1.i386.rpm
|
Vendor URL: rsync.samba.org/ (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
Linux (Red Hat Fedora)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Thu, 19 Aug 2004 17:33:04 -0400
Subject: [SECURITY] Fedora Core 1 Update: rsync-2.5.7-5.fc1.1
|
Subject: Fedora Core 1 Update: rsync-2.5.7-5.fc1.1
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-268
2004-08-19
---------------------------------------------------------------------
Product : Fedora Core 1
Name : rsync
Version : 2.5.7
Release : 5.fc1.1
Summary : A program for synchronizing files over a network.
Description :
Rsync uses a reliable algorithm to bring remote and host files into
sync very quickly. Rsync is fast because it just sends the differences
in the files over the network instead of sending the complete
files. Rsync is often used as a very powerful mirroring process or
just as a more capable replacement for the rcp command. A technical
report which describes the rsync algorithm is included in this
package.
---------------------------------------------------------------------
Update Information:
This update backports a security fix to a path-sanitizing flaw that
affects rsync when it is used in daemon mode without also using
chroot.
For more information see http://samba.org/rsync/#security_aug04
---------------------------------------------------------------------
* Thu Aug 19 2004 Jay Fenlason <fenlason@redhat.com> 2.5.7-5.fc1.1
- Backport fix for CAN-2004-0792
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
01fb9ef513ef0d484efb1bd66e91ad69 SRPMS/rsync-2.5.7-5.fc1.1.src.rpm
dd13aba3dc99efc30ecaa0eeb49f242e x86_64/rsync-2.5.7-5.fc1.1.x86_64.rpm
d8963193e902465e632e0ed993e92f82 x86_64/debug/rsync-debuginfo-2.5.7-5.fc1.1.x86_64.rpm
bab0cb276f77596a6b9520401298764f i386/rsync-2.5.7-5.fc1.1.i386.rpm
094fa40ae453fddd43edce9fd10a054b i386/debug/rsync-debuginfo-2.5.7-5.fc1.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
|
|
