RSync Daemon Mode Undisclosed Remote Heap Overflow Vulnerability

Bugtraq ID: 9153
Class: Boundary Condition Error
CVE: CVE-2003-0962
Remote: Yes
Local: No
Published: Dec 04 2003 12:00AM
Updated: Jul 12 2009 12:56AM
Credit: Discovery credited to Timo Sirainen, Mike Warfield, Paul Russell, and Andrea Barisani.
Vulnerable: Sun Cobalt RaQ XTR
Sun Cobalt RaQ 4
Sun Cobalt Qube 3
Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux 8.1
Slackware Linux -current
SGI ProPack 2.3
rsync rsync 2.5.6
+ Mandriva Linux Mandrake 9.2
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ OpenBSD OpenBSD 3.4
+ OpenBSD OpenBSD 3.3
+ OpenBSD OpenBSD 3.2
+ OpenBSD OpenBSD 3.1
+ OpenBSD OpenBSD 3.0
+ OpenPKG OpenPKG 1.3
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG Current
+ Red Hat Fedora Core1
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Slackware Linux 9.1
+ Slackware Linux 9.0
rsync rsync 2.5.5
+ Conectiva Linux 9.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ S.u.S.E. Linux 8.1
+ Slackware Linux 8.1
rsync rsync 2.5.4
+ Immunix Immunix OS 7.3
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Multi Network Firewall 2.0
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
rsync rsync 2.5.3
rsync rsync 2.5.2
+ Immunix Immunix OS 7+
rsync rsync 2.5.1
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
- FreeBSD FreeBSD 4.1
rsync rsync 2.5 .0
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
- FreeBSD FreeBSD 4.1
rsync rsync 2.4.8
rsync rsync 2.4.6
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ EnGarde Secure Linux 1.0.1
+ HP Secure OS software for Linux 1.0
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
rsync rsync 2.4.5
rsync rsync 2.4.4
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
rsync rsync 2.4.3
+ Caldera OpenLinux 3.1 -IA64
+ Caldera OpenLinux 2.3
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ Trustix Secure Linux 1.1
rsync rsync 2.4.1
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
+ Trustix Secure Linux 1.0 1
rsync rsync 2.4 .0
rsync rsync 2.3.2
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 i386
+ S.u.S.E. Linux 6.4 alpha
rsync rsync 2.3.1
+ Caldera OpenLinux eBuilder 3.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
+ SCO eDesktop 2.4
+ SCO eServer 2.3.1
RedHat rsync-2.5.5-4.i386.rpm
+ RedHat Linux 9.0 i386
RedHat rsync-2.5.5-1.i386.rpm
+ RedHat Linux 8.0 i386
RedHat rsync-2.5.4-2.i386.rpm
+ RedHat Linux 7.3 i386
RedHat rsync-2.4.6-5.ia64.rpm
+ RedHat Linux 7.2 ia64
RedHat rsync-2.4.6-5.i386.rpm
+ RedHat Linux 7.2 i386
RedHat rsync-2.4.6-2.i386.rpm
+ RedHat Linux 7.1 i386
Red Hat Fedora Core1
EnGarde Secure Professional 1.5
EnGarde Secure Professional 1.2
EnGarde Secure Professional 1.1
EnGarde Secure Community 2.0
EnGarde Secure Community 1.0.1
Apple Mac OS X Server 10.3.2
Apple Mac OS X Server 10.2.8
Apple Mac OS X 10.3.2
Apple Mac OS X 10.2.8
Not Vulnerable: rsync rsync 2.5.7


 

Privacy Statement
Copyright 2010, SecurityFocus