Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/glsa-200408-17.xml
diff options
context:
space:
mode:
Diffstat (limited to 'glsa-200408-17.xml')
-rw-r--r--glsa-200408-17.xml73
1 files changed, 73 insertions, 0 deletions
diff --git a/glsa-200408-17.xml b/glsa-200408-17.xml
new file mode 100644
index 00000000..c49553d7
--- /dev/null
+++ b/glsa-200408-17.xml
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="utf-8"?>
+<?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?>
+<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+
+<glsa id="200408-17">
+ <title>rsync: Potential information leakage</title>
+ <synopsis>
+ rsync fails to properly sanitize paths. This vulnerability could allow the
+ listing of arbitrary files and allow file overwriting outside module's path
+ on rsync server configurations that allow uploading.
+ </synopsis>
+ <product type="ebuild">rsync</product>
+ <announced>August 17, 2004</announced>
+ <revised>May 22, 2006: 02</revised>
+ <bug>60309</bug>
+ <access>remote</access>
+ <affected>
+ <package name="net-misc/rsync" auto="yes" arch="*">
+ <unaffected range="ge">2.6.0-r3</unaffected>
+ <vulnerable range="le">2.6.0-r2</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>
+ rsync is a utility that provides fast incremental file transfers. It is
+ used to efficiently synchronize files between hosts and is used by
+ emerge to fetch Gentoo's Portage tree. rsyncd is the rsync daemon,
+ which listens to connections from rsync clients.
+ </p>
+ </background>
+ <description>
+ <p>
+ The paths sent by the rsync client are not checked thoroughly enough.
+ It does not affect the normal send/receive filenames that specify what
+ files should be transferred. It does affect certain option paths that
+ cause auxilliary files to be read or written.
+ </p>
+ </description>
+ <impact type="normal">
+ <p>
+ When rsyncd is used without chroot ("use chroot = false" in the
+ rsyncd.conf file), this vulnerability could allow the listing of
+ arbitrary files outside module's path and allow file overwriting
+ outside module's path on rsync server configurations that allows
+ uploading. Both possibilities are exposed only when chroot option is
+ disabled.
+ </p>
+ </impact>
+ <workaround>
+ <p>
+ You should never set the rsync daemon to run with "use chroot = false".
+ </p>
+ </workaround>
+ <resolution>
+ <p>
+ All users should update to the latest version of the rsync package.
+ </p>
+ <code>
+ # emerge sync
+
+ # emerge -pv &quot;&gt;=net-misc/rsync-2.6.0-r3&quot;
+ # emerge &quot;&gt;=net-misc/rsync-2.6.0-r3&quot;</code>
+ </resolution>
+ <references>
+ <uri link="http://samba.org/rsync/#security_aug04">rsync Advisory</uri>
+ <uri link="http://lists.samba.org/archive/rsync-announce/2004/000017.html">rsync 2.6.2 announcement</uri>
+ <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0792">CVE-2004-0792</uri>
+ </references>
+ <metadata tag="submitter" timestamp="Sat, 14 Aug 2004 19:22:18 +0000">
+ jaervosz
+ </metadata>
+</glsa>