Rsync Use Chroot Insecure File Creation Vulnerability

Bugtraq ID: 26638
Class: Design Error
CVE: CVE-2007-6199
Remote: No
Local: Yes
Published: Nov 29 2007 12:00AM
Updated: Mar 19 2015 09:43AM
Credit: The vendor reported this issue.
Vulnerable: SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise Server 10 SP1
SuSE SUSE Linux Enterprise Desktop 10 SP1
SuSE SUSE Linux Enterprise Desktop 10
SuSE openSUSE 10.3
Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux 8.1
Slackware Linux 12.0
Slackware Linux 11.0
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop SDK 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Desktop 10
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
S.u.S.E. Linux 10.0 x86-64
S.u.S.E. Linux 10.0 x86
S.u.S.E. Linux 10.0 ppc
rsync rsync 2.6.9
+ Ubuntu Ubuntu Linux 7.10 sparc
+ Ubuntu Ubuntu Linux 7.10 powerpc
+ Ubuntu Ubuntu Linux 7.10 i386
+ Ubuntu Ubuntu Linux 7.10 amd64
+ Ubuntu Ubuntu Linux 7.04 sparc
+ Ubuntu Ubuntu Linux 7.04 powerpc
+ Ubuntu Ubuntu Linux 7.04 powerpc
+ Ubuntu Ubuntu Linux 7.04 i386
+ Ubuntu Ubuntu Linux 7.04 i386
+ Ubuntu Ubuntu Linux 7.04 amd64
+ Ubuntu Ubuntu Linux 7.04 amd64
rsync rsync 2.6.8
+ Ubuntu Ubuntu Linux 6.10 sparc
+ Ubuntu Ubuntu Linux 6.10 powerpc
+ Ubuntu Ubuntu Linux 6.10 i386
+ Ubuntu Ubuntu Linux 6.10 amd64
rsync rsync 2.6.7
rsync rsync 2.6.6
rsync rsync 2.6.5
rsync rsync 2.6.2
+ OpenPKG OpenPKG 2.1
rsync rsync 2.6.1
rsync rsync 2.6
rsync rsync 2.5.7
rsync rsync 2.5.6
+ Mandriva Linux Mandrake 9.2
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ OpenBSD OpenBSD 3.4
+ OpenBSD OpenBSD 3.3
+ OpenBSD OpenBSD 3.2
+ OpenBSD OpenBSD 3.1
+ OpenBSD OpenBSD 3.0
+ OpenPKG OpenPKG 1.3
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG Current
+ Red Hat Fedora Core1
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Slackware Linux 9.1
+ Slackware Linux 9.0
rsync rsync 2.5.5
+ Conectiva Linux 9.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ S.u.S.E. Linux 8.1
+ Slackware Linux 8.1
rsync rsync 2.5.4
+ Immunix Immunix OS 7.3
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Multi Network Firewall 2.0
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
rsync rsync 2.5.3
rsync rsync 2.5.2
+ Immunix Immunix OS 7+
rsync rsync 2.5.1
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
- FreeBSD FreeBSD 4.1
rsync rsync 2.5 .0
rsync rsync 2.4.8
rsync rsync 2.4.6
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ EnGarde Secure Linux 1.0.1
+ HP Secure OS software for Linux 1.0
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
rsync rsync 2.4.5
rsync rsync 2.4.4
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
rsync rsync 2.4.3
rsync rsync 2.4.1
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
+ Trustix Secure Linux 1.0 1
rsync rsync 2.4 .0
rsync rsync 2.3.2 -1.3
rsync rsync 2.3.2 -1.2 sparc
+ Debian Linux 2.2 sparc
rsync rsync 2.3.2 -1.2 PPC
+ Debian Linux 2.2 powerpc
rsync rsync 2.3.2 -1.2 m68k
+ Debian Linux 2.2 68k
rsync rsync 2.3.2 -1.2 intel
+ Debian Linux 2.2 IA-32
rsync rsync 2.3.2 -1.2 ARM
+ Debian Linux 2.2 arm
rsync rsync 2.3.2 -1.2 alpha
rsync rsync 2.3.2
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 i386
+ S.u.S.E. Linux 6.4 alpha
rsync rsync 2.3.1
+ Caldera OpenLinux eBuilder 3.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
+ SCO eDesktop 2.4
+ SCO eServer 2.3.1
rPath rPath Linux 1
Mandriva Linux Mandrake 2008.0 x86_64
Mandriva Linux Mandrake 2008.0
Mandriva Linux Mandrake 2007.1 x86_64
Mandriva Linux Mandrake 2007.1
Mandriva Linux Mandrake 2007.0 x86_64
Mandriva Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
Foresight Linux Foresight Linux 1.1
Apple Mac OS X Server 10.5.4
Apple Mac OS X Server 10.5.3
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.4.10
Apple Mac OS X Server 10.4.9
Apple Mac OS X Server 10.4.8
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.6
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.4
Apple Mac OS X 10.5.3
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.4.11
Apple Mac OS X 10.4.10
Apple Mac OS X 10.4.9
Apple Mac OS X 10.4.8
Apple Mac OS X 10.4.7
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Apple Mac OS X 10.5
Not Vulnerable: rsync rsync 3.0.0pre6


 

Privacy Statement
Copyright 2010, SecurityFocus