Linux rsync NULL bytes could allow an attacker to execute arbitrary code as root

linux-rsync-root-access (7993) The risk level is classified as HighHigh Risk

Description:

rsync could allow a remote attacker to execute arbitrary code on the system. In vulnerable could allow a remote attacker to write NULL bytes to arbitrary memory locations on the stack. An attacker could use this vulnerability to execute arbitrary code on the system with root privileges.


Consequences:

Gain Access

Remedy:

Upgrade to the latest version of rsync (2.5.2 or later), available from the rsync Web site. See References.

For SuSE Linux 6.4 (Intel):
Upgrade to the latest version of rsync (2.3.3-123 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For SuSE Linux 7.0 (Intel):
Upgrade to the latest version of rsync (2.3.3-124 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For SuSE Linux 7.1 and 7.3 (Intel):
Upgrade to the latest version of rsync (2.4.6-288 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For SuSE Linux 7.2 (Intel):
Upgrade to the latest version of rsync (2.4.6-289 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For SuSE Linux 7.0 (Sparc):
Upgrade to the latest version of rsync (2.3.2-5 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For SuSE Linux 7.1 and 7.3 (Sparc):
Upgrade to the latest version of rsync (2.4.6-135 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For SuSE Linux 6.4 (AXP Alpha):
Upgrade to the latest version of rsync (2.3.2-31 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For SuSE Linux 7.0 (AXP Alpha):
Upgrade to the latest version of rsync (2.3.2-30 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For SuSE Linux 7.1 (AXP Alpha):
Upgrade to the latest version of rsync (2.4.6-123 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For SuSE Linux 6.4 and 7.0 (PPC Power PC):
Upgrade to the latest version of rsync (2.3.2-133 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For SuSE Linux 7.1 (PPC Power PC):
Upgrade to the latest version of rsync (2.4.6-151 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For SuSE Linux 7.3 (PPC Power PC):
Upgrade to the latest version of rsync (2.4.6-150 or later), as listed in SuSE Security Announcement SuSE-SA:2002:004. See References.

For Conectiva Linux 5.0, prg graficos, and ecommerce:
Upgrade to the latest version of rsync (2.4.6-4U50_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2002:458. See References.

For Conectiva Linux 5.1:
Upgrade to the latest version of rsync (2.4.6-4U51_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2002:458. See References.

For Conectiva Linux 6.0:
Upgrade to the latest version of rsync (2.4.6-4U60_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2002:458. See References.

For Conectiva Linux 7.0:
Upgrade to the latest version of rsync (2.4.6-4U70_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2002:458. See References.

For Debian GNU/Linux 2.2 (alias potato):
Upgrade to the latest version of rsync (2.3.2-1.5 or later), as listed in DSA-106-2. See References.

For EnGarde Secure Linux 1.0.1 (Finestra):
Upgrade to the latest version of rsync (2.4.6-1.0.3 or later), as listed in EnGarde Secure Linux Security Advisory ESA-20020125-004. See References.

For Red Hat Linux 6.2:
Upgrade to the latest version of rsync (2.4.6-0.6 or later), as listed in Red Hat Linux Errata Advisory RHSA-2002:018-05. See References.

For Red Hat Linux 7.0, 7.1, and 7.2:
Upgrade to the latest version of rsync (2.4.6-8 or later), as listed in Red Hat Linux Errata Advisory RHSA-2002:018-05. See References.

For Trustix Secure Linux 1.01, 1.1, 1.2, and 1.5:
Upgrade to the latest version of rsync (2.4.6-4tr or later), as listed in Trustix Secure Linux Security Advisory #2002-0025. See References.

For Mandrake Linux 7.1 and Corporate Server 1.0.1:
Upgrade to the latest version of rsync (2.4.6-3.2 or later), as listed in MandrakeSoft Security Advisory MDKSA-2002:009 : rsync. See References.

For Mandrake Linux 7.2, 8.0, 8.1, and Single Network Firewall 7.2:
Upgrade to the latest version of rsync (2.4.6-3.1 or later), as listed in MandrakeSoft Security Advisory MDKSA-2002:009 : rsync. See References.

For Caldera OpenLinux 2.3, eServer 2.3.1, eBuilder, eDesktop 2.4, OpenLinux 3.1 IA64, and OpenLinux Server and Workstation 3.1 and 3.1.1:
Upgrade to the latest version of rsync (2.5.0-2 or later), as listed in Caldera International, Inc. Security Advisory CSSA-2002-003.0. See References.

For FreeBSD Ports Collection prior to 2002-01-23:
Upgrade to the latest rsync package (2.5.1_1 or later), as listed in FreeBSD, Inc. Security Advisory FreeBSD-SA-02:10. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

Platforms Affected:

  • Conectiva Linux 5.0
  • Conectiva Linux 5.1
  • Conectiva Linux 6.0
  • Conectiva Linux 7.0
  • Conectiva Linux ecommerce
  • Conectiva Linux prg_graficos
  • Debian Debian Linux 2.2
  • EngardeLinux Secure Community 1.0.1
  • FreeBSD FreeBSD Ports Collection
  • GNU rsync prior to 2.5.2
  • MandrakeSoft Mandrake Linux 7.1
  • MandrakeSoft Mandrake Linux 7.2
  • MandrakeSoft Mandrake Linux 8.0
  • MandrakeSoft Mandrake Linux 8.1
  • MandrakeSoft Mandrake Linux Corporate Server 1.0.1
  • MandrakeSoft Mandrake Single Network Firewall 7.2
  • RedHat Linux 6.2
  • RedHat Linux 7
  • RedHat Linux 7.1
  • RedHat Linux 7.2
  • RedHat Linux 7.3
  • SCO Caldera OpenLinux 2.3
  • SCO Caldera OpenLinux 3.1 IA64
  • SCO Caldera OpenLinux eBuilder
  • SCO Caldera OpenLinux eDesktop 2.4
  • SCO Caldera OpenLinux eServer 2.3.1
  • SCO Caldera OpenLinux Server 3.1
  • SCO Caldera OpenLinux Server 3.1.1
  • SCO Caldera OpenLinux Workstation 3.1
  • SCO Caldera OpenLinux Workstation 3.1.1
  • SUSE SuSE Linux 6.4
  • SUSE SuSE Linux 7.0
  • SUSE SuSE Linux 7.1
  • SUSE SuSE Linux 7.2
  • SUSE SuSE Linux 7.3
  • Trustix Secure Linux 1.01
  • Trustix Secure Linux 1.1
  • Trustix Secure Linux 1.2
  • Trustix Secure Linux 1.5

Reported:

Jan 25, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page