GLSA-200605-05 : rsync: Potential integer overflow

high Nessus Plugin ID 21347

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-200605-05 (rsync: Potential integer overflow)

An integer overflow was found in the receive_xattr function from the extended attributes patch (xattr.c) for rsync. The vulnerable function is only present when the 'acl' USE flag is set.

Impact:

A remote attacker with write access to an rsync module could craft malicious extended attributes which would trigger the integer overflow, potentially resulting in the execution of arbitrary code with the rights of the rsync daemon.

Workaround:

Do not provide write access to an rsync module to untrusted parties.
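
To apply the workaround you first need to know which modules accept writes. The following audit script is an added example, not part of the advisory or the Nessus plugin: it lists the modules in an rsyncd.conf whose effective `read only` setting is false, with any `auth users` and `hosts allow` restrictions. The sample configuration and its module names are constructed; backslash line continuations and include directives are not handled.

```python
# Added example: list rsync daemon modules that accept writes.
# rsyncd.conf rules relied on here: modules are read only by default,
# booleans are yes/no, true/false or 1/0 (case-insensitive), whitespace in
# parameter names is ignored, and parameters placed before the first
# [module] are global defaults. Lowercasing names is a simplification.
FALSE = {"no", "false", "0"}

# Constructed sample configuration (hypothetical modules and paths).
SAMPLE = """\
uid = nobody
[mirror]
    path = /srv/mirror
[upload]
    path = /srv/upload
    read only = no
[backup]
    path = /srv/backup
    Read Only = False
    auth users = backup
"""

def parse_rsyncd_conf(text):
    """Return (global_params, {module: params}) with normalized keys."""
    glob, modules, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), {})
            continue
        name, sep, value = line.partition("=")  # only the first '=' counts
        if sep:
            key = "".join(name.split()).lower()  # "read only" -> "readonly"
            (glob if current is None else current)[key] = value.strip()
    return glob, modules

def writable_modules(text):
    """Return [(module, auth_users, hosts_allow)] for writable modules."""
    glob, modules = parse_rsyncd_conf(text)
    findings = []
    for name, params in modules.items():
        eff = {**glob, **params}  # module settings override global ones
        if eff.get("readonly", "yes").lower() in FALSE:
            findings.append((name, eff.get("authusers"), eff.get("hostsallow")))
    return findings

if __name__ == "__main__":
    for module, users, hosts in writable_modules(SAMPLE):
        print(f"writable: [{module}] auth users={users} hosts allow={hosts}")
```

A writable module with neither `auth users` nor `hosts allow` set is the first one to review against the workaround.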

Solution

All rsync users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/rsync-2.6.8'

See Also

https://security.gentoo.org/glsa/200605-05

Plugin Details

Severity: High

ID: 21347

File Name: gentoo_GLSA-200605-05.nasl

Version: 1.14

Type: local

Published: 5/13/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:rsync, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Patch Publication Date: 5/6/2006

Vulnerability Publication Date: 4/22/2006

Reference Information

CVE: CVE-2006-2083

GLSA: 200605-05