rsync Signed Array Index Remote Code Execution Vulnerability

Bugtraq ID: 3958
Class: Access Validation Error
CVE: CVE-2002-0048
Remote: Yes
Local: No
Published: Jan 25 2002 12:00AM
Updated: Jul 11 2009 09:56AM
Credit: The discovery of this vulnerability has been credited to Sebastian Krahmer <krahmer@suse.de>.
Vulnerable: rsync rsync 2.5.1
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
- FreeBSD FreeBSD 4.1
rsync rsync 2.4.8
rsync rsync 2.4.6
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ EnGarde Secure Linux 1.0.1
+ HP Secure OS software for Linux 1.0
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1 ia64
 + Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
 + Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ RedHat Linux 7.2 ia64
 + RedHat Linux 7.2 i386
 + S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3 sparc
 + S.u.S.E. Linux 7.3 ppc
 + S.u.S.E. Linux 7.3 i386
 + S.u.S.E. Linux 7.2 i386
 + S.u.S.E. Linux 7.1 x86
 + S.u.S.E. Linux 7.1 sparc
 + S.u.S.E. Linux 7.1 ppc
 + S.u.S.E. Linux 7.1 alpha
 + Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
rsync rsync 2.4.4
+ RedHat Linux 7.1 ia64
 + RedHat Linux 7.1 i386
 + RedHat Linux 7.1 alpha
 + RedHat Linux 7.0 i386
 + RedHat Linux 7.0 alpha
 rsync rsync 2.4.3
+ Caldera OpenLinux 3.1 -IA64
 + Caldera OpenLinux 2.3
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ Trustix Secure Linux 1.1
rsync rsync 2.4.1
+ RedHat Linux 6.2 sparc
 + RedHat Linux 6.2 i386
 + RedHat Linux 6.2 alpha
 + Trustix Secure Linux 1.0 1
 rsync rsync 2.3.2 -1.2 sparc
+ Debian Linux 2.2 sparc
 rsync rsync 2.3.2 -1.2 PPC
+ Debian Linux 2.2 powerpc
 rsync rsync 2.3.2 -1.2 m68k
+ Debian Linux 2.2 68k
 rsync rsync 2.3.2 -1.2 intel
+ Debian Linux 2.2 IA-32
 rsync rsync 2.3.2 -1.2 ARM
+ Debian Linux 2.2 arm
 rsync rsync 2.3.2 -1.2 alpha
+ Debian Linux 2.2 alpha
 rsync rsync 2.3.2
+ S.u.S.E. Linux 7.0 sparc
 + S.u.S.E. Linux 7.0 ppc
 + S.u.S.E. Linux 7.0 i386
 + S.u.S.E. Linux 7.0 alpha
 + S.u.S.E. Linux 6.4 ppc
 + S.u.S.E. Linux 6.4 i386
 + S.u.S.E. Linux 6.4 alpha
 rsync rsync 2.3.1
+ Caldera OpenLinux eBuilder 3.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
 + Conectiva Linux ecommerce
 + SCO eDesktop 2.4
+ SCO eServer 2.3.1
Not Vulnerable: rsync rsync 2.5.2
+ Immunix Immunix OS 7+
 rsync rsync 2.5 .0
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
- FreeBSD FreeBSD 4.1
rsync rsync 2.4.5
rsync rsync 2.3.2 -1.3


 

Privacy Statement
Copyright 2010, SecurityFocus