Rsync 'xattr' Support Integer Overflow Vulnerability

Bugtraq ID: 28726
Class: Boundary Condition Error
CVE: CVE-2008-1720
Remote: Yes
Local: No
Published: Apr 10 2008 12:00AM
Updated: Aug 21 2009 03:58PM
Credit: Sebastian Krahmer
Vulnerable: Ubuntu Ubuntu Linux 7.10 sparc
Ubuntu Ubuntu Linux 7.10 powerpc
Ubuntu Ubuntu Linux 7.10 i386
Ubuntu Ubuntu Linux 7.10 amd64
S.u.S.E. openSUSE 10.3
rsync rsync 3.0.1
+ Ubuntu Ubuntu Linux 7.04 sparc
 + Ubuntu Ubuntu Linux 7.04 powerpc
 + Ubuntu Ubuntu Linux 7.04 i386
 + Ubuntu Ubuntu Linux 7.04 amd64
 rsync rsync 3.0
+ Ubuntu Ubuntu Linux 7.04 sparc
 + Ubuntu Ubuntu Linux 7.04 powerpc
 + Ubuntu Ubuntu Linux 7.04 i386
 + Ubuntu Ubuntu Linux 7.04 amd64
 rsync rsync 2.6.9
+ Ubuntu Ubuntu Linux 7.10 sparc
 + Ubuntu Ubuntu Linux 7.10 powerpc
 + Ubuntu Ubuntu Linux 7.10 i386
 + Ubuntu Ubuntu Linux 7.10 amd64
 + Ubuntu Ubuntu Linux 7.04 sparc
 + Ubuntu Ubuntu Linux 7.04 powerpc
 + Ubuntu Ubuntu Linux 7.04 powerpc
 + Ubuntu Ubuntu Linux 7.04 i386
 + Ubuntu Ubuntu Linux 7.04 i386
 + Ubuntu Ubuntu Linux 7.04 amd64
 + Ubuntu Ubuntu Linux 7.04 amd64
 rsync rsync 3.0.0pre6
RedHat Fedora 8
RedHat Fedora 7
HP Insight Control for Linux (ICE-LX) 2.10
Gentoo Linux
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
cwRsync cwRsync 2.1.2
cwRsync cwRsync 2.1.1
cwRsync cwRsync 2.1
Not Vulnerable: rsync rsync 3.0.2
+ Ubuntu Ubuntu Linux 7.04 sparc
 + Ubuntu Ubuntu Linux 7.04 powerpc
 + Ubuntu Ubuntu Linux 7.04 i386
 + Ubuntu Ubuntu Linux 7.04 amd64
 HP Insight Control for Linux (ICE-LX) 2.11
cwRsync cwRsync 2.1.3


 

Privacy Statement
Copyright 2010, SecurityFocus