Rsync.Chunk.Checksum.Buffer.Overflow

Description

This indicates an attempt to exploit a heap-based buffer overflow vulnerability in the rsync server.
A boundary error in the rsync server allows a remote attacker to trigger a heap overflow and execute arbitrary commands. The commands run with the UID under which the rsync server process runs.

Affected Products

Sun Cobalt RaQ XTR
Sun Cobalt RaQ 4
Sun Cobalt Qube 3
Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux 8.1
Slackware Linux -current
SGI ProPack 2.3
rsync rsync 2.5.6
+ MandrakeSoft Linux Mandrake 9.2
+ MandrakeSoft Linux Mandrake 9.1 ppc
+ MandrakeSoft Linux Mandrake 9.1
+ OpenBSD OpenBSD 3.4
+ OpenBSD OpenBSD 3.3
+ OpenBSD OpenBSD 3.2
+ OpenBSD OpenBSD 3.1
+ OpenBSD OpenBSD 3.0
+ OpenPKG OpenPKG 1.3
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG Current
+ RedHat Fedora Core1
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Slackware Linux 9.1
+ Slackware Linux 9.0
rsync rsync 2.5.5
+ Conectiva Linux 9.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Linux Mandrake 9.0
+ S.u.S.E. Linux 8.1
+ Slackware Linux 8.1
rsync rsync 2.5.4
+ Immunix Immunix OS 7.3
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Linux Mandrake 8.1 ia64
+ MandrakeSoft Linux Mandrake 8.1
+ MandrakeSoft Linux Mandrake 8.0 ppc
+ MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 7.2
+ MandrakeSoft Linux Mandrake 7.1
+ MandrakeSoft Multi Network Firewall 2.0
+ MandrakeSoft Single Network Firewall 7.2
rsync rsync 2.5.3
rsync rsync 2.5.2
+ Immunix Immunix OS 7+
rsync rsync 2.5.1
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
- FreeBSD FreeBSD 4.1
rsync rsync 2.5.0
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
- FreeBSD FreeBSD 4.1
rsync rsync 2.4.8
rsync rsync 2.4.6
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ EnGarde Secure Linux 1.0.1
+ HP Secure OS software for Linux 1.0
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Linux Mandrake 8.1 ia64
+ MandrakeSoft Linux Mandrake 8.1
+ MandrakeSoft Linux Mandrake 8.0 ppc
+ MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 7.2
+ MandrakeSoft Linux Mandrake 7.1
+ MandrakeSoft Single Network Firewall 7.2
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
rsync rsync 2.4.5
rsync rsync 2.4.4
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
rsync rsync 2.4.3
+ Caldera OpenLinux 3.1 -IA64
+ Caldera OpenLinux 2.3
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ Trustix Secure Linux 1.1
rsync rsync 2.4.1
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
+ Trustix Secure Linux 1.01
rsync rsync 2.4.0
rsync rsync 2.3.2
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 i386
+ S.u.S.E. Linux 6.4 alpha
rsync rsync 2.3.1
+ Caldera OpenLinux eBuilder 3.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
+ SCO eDesktop 2.4
+ SCO eServer 2.3.1
RedHat rsync-2.5.5-4.i386.rpm
+ RedHat Linux 9.0 i386
RedHat rsync-2.5.5-1.i386.rpm
+ RedHat Linux 8.0 i386
RedHat rsync-2.5.4-2.i386.rpm
+ RedHat Linux 7.3 i386
RedHat rsync-2.4.6-5.ia64.rpm
+ RedHat Linux 7.2 ia64
RedHat rsync-2.4.6-5.i386.rpm
+ RedHat Linux 7.2 i386
RedHat rsync-2.4.6-2.i386.rpm
+ RedHat Linux 7.1 i386
EnGarde Secure Professional 1.5
EnGarde Secure Professional 1.2
EnGarde Secure Professional 1.1
EnGarde Secure Community 2.0
EnGarde Secure Community 1.0.1
Apple Mac OS X Server 10.3.2
Apple Mac OS X Server 10.2.8
Apple Mac OS X 10.3.2
Apple Mac OS X 10.2.8

Impact

System compromise: remote code execution.

Recommended Actions

Sun has released a fix to address this issue in the Sun Cobalt RaQ XTR. The fix is linked below.
Sun has released fixes to address this issue in the Sun Cobalt RaQ 4 and Qube 3 products. The fixes are linked below.
Immunix has released an advisory and fixes to address this issue.
Mandrake has released an advisory that includes fixes to address this issue.
Red Hat Linux has released an advisory (FEDORA-2003-030) and fixes to address this issue in Fedora Core 1. Affected users are advised to apply appropriate fixes as soon as possible. Further information regarding obtaining and applying fixes can be found in the referenced advisory.
Red Hat Linux has released an advisory (RHSA-2003:399-06) to address this issue in Enterprise systems. Affected customers are advised to apply appropriate fixes from the Red Hat Network as soon as possible. Further information regarding obtaining and applying fixes can be found in the referenced advisory.
Red Hat Linux has released an advisory (RHSA-2003:398-01) and fixes to address this issue. Affected users are advised to apply appropriate fixes as soon as possible. Further information regarding obtaining and applying fixes can be found in the referenced advisory.
Gentoo Linux has released an advisory (200312-03) to address this issue. Gentoo have advised that users upgrade to version 2.5.7 of rsync. Users can accomplish this by typing:
emerge sync;
emerge >=net-misc/rsync-2.5.7
EnGarde has released an advisory (ESA-20031204-032) with fixes to address this issue. Guardian Digital Secure Network subscribers may update affected packages using the WebTool. See referenced advisory for additional details.
Slackware has released Slackware Linux Security Advisory SSA:2003-337-01 with fixes to address this issue.
Advisory OpenPKG-SA-2003.051 has been released by The OpenPKG Project to address this issue.
Debian has released advisory DSA 404-1 to address this issue.
Trustix advisory #2003-0048 has been released with fixes for this issue. See references for additional details.
SuSE Security Announcement SuSE-SA:2003:050 has been released with fixes for this issue.
Conectiva has released an advisory and fixes to address this issue.
OpenBSD has made a fixed version available.
TurboLinux has released a security advisory to address this issue. Affected users are advised to execute the following commands:
# turbopkg
OR
For zabom-1.x
# zabom update rsync
For zabom-2.x
# zabom -u rsync
Additional TurboLinux information is available in the referenced advisory.
rsync version 2.5.7 has been released to resolve these issues.
SGI has released security advisory 20031202-01-U with fixes for SGI ProPack v2.3 for the Altix family of systems. Please see the referenced advisory for more information.
Apple has released advisories to fix this issue in Apple Jaguar for Mac OS X 10.2.8 and Mac OS X Server 10.2.8 and Panther for Mac OS X 10.3.2 and Mac OS X Server 10.3.2. Please see referenced advisories for more details about obtaining fixes.
SCO has released advisory CSSA-2004-010.0 dealing with this issue. For more information please see the referenced advisory.
Slackware Linux -current
Slackware rsync-2.5.7-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/rsync-2.5.7-i486-1.tgz
Sun Cobalt RaQ 4
Sun RaQ4-All-Security-2.0.1-16675.pkg
http://ftp.cobalt.sun.com/pub/packages/raq4/eng/RaQ4-All-Security-2.0.1-16675.pkg
RedHat rsync-2.5.5-4.i386.rpm
RedHat rsync-2.5.7-0.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/rsync-2.5.7-0.9.i386.rpm
RedHat rsync-2.4.6-5.ia64.rpm
RedHat rsync-2.5.7-0.7.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/rsync-2.5.7-0.7.ia64.rpm
Sun Cobalt RaQ XTR
Sun RaQXTR-All-Security-1.0.1-16675.pkg
http://ftp.cobalt.sun.com/pub/packages/raqxtr/eng/RaQXTR-All-Security-1.0.1-16675.pkg
RedHat rsync-2.4.6-2.i386.rpm
RedHat rsync-2.5.7-0.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/rsync-2.5.7-0.7.i386.rpm
Sun Cobalt Qube 3
Sun Qube3-All-Security-4.0.1-16675.pkg
http://ftp.cobalt.sun.com/pub/packages/qube3/ml/Qube3-All-Security-4.0.1-16675.pkg
RedHat rsync-2.5.5-1.i386.rpm
RedHat rsync-2.5.7-0.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/rsync-2.5.7-0.8.i386.rpm
RedHat rsync-2.4.6-5.i386.rpm
RedHat rsync-2.5.7-0.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/rsync-2.5.7-0.7.i386.rpm
RedHat rsync-2.5.4-2.i386.rpm
RedHat rsync-2.5.7-0.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/rsync-2.5.7-0.7.i386.rpm
rsync rsync 2.3.1
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
rsync rsync 2.3.2
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
rsync rsync 2.4.0
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
rsync rsync 2.4.1
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
TurboLinux rsync-2.5.7-1.i386.rpm
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/rsync-2.5.7-1.i386.rpm
rsync rsync 2.4.3
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
TurboLinux rsync-2.5.7-1.i386.rpm
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/rsync-2.5.7-1.i386.rpm
rsync rsync 2.4.4
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
rsync rsync 2.4.5
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
rsync rsync 2.4.6
Conectiva rsync-2.5.7-5U80_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/rsync-2.5.7-5U80_1cl.i386.rpm
Engarde Secure Linux rsync-2.4.6-1.0.7.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/
Engarde Secure Linux rsync-2.4.6-1.0.7.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
SuSE rsync-2.4.6-190.sparc.rpm
SuSE-7.3 Sparc
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n2/rsync-2.4.6-190.sparc.rpm
SuSE rsync-2.4.6-309.ppc.rpm
SuSE-7.3 PPC
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n2/rsync-2.4.6-309.ppc.rpm
SuSE rsync-2.4.6-499.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/rsync-2.4.6-499.i386.rpm
SuSE rsync-2.4.6-499.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/rsync-2.4.6-499.i386.rpm
TurboLinux rsync-2.5.7-1.i386.rpm
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/rsync-2.5.7-1.i386.rpm
TurboLinux rsync-2.5.7-1.i586.rpm
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/rsync-2.5.7-1.i586.rpm
TurboLinux rsync-2.5.7-1.i586.rpm
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/rsync-2.5.7-1.i586.rpm
rsync rsync 2.4.8
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
rsync rsync 2.5.0
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
rsync rsync 2.5.1
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
rsync rsync 2.5.2
Immunix rsync-2.5.2-2_imnx_1.i386.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/rsync-2.5.2-2_imnx_1.i386.rpm
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
rsync rsync 2.5.3
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
rsync rsync 2.5.4
Immunix rsync-2.5.4-2_imnx_2.i386.rpm
http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/rsync-2.5.4-2_imnx_2.i386.rpm
Mandrake rsync-2.5.4-2.1.M82mdk.i586.rpm
Mandrake Multi Network Firewall 8.2.
http://www.mandrakesecure.net/en/ftp.php
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
TurboLinux rsync-2.5.7-1.i586.rpm
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/rsync-2.5.7-1.i586.rpm
rsync rsync 2.5.5
Conectiva rsync-2.5.7-13508U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/rsync-2.5.7-13508U90_1cl.i386.rpm
Debian rsync_2.5.5-0.2_alpha.deb
Debian 3 Alpha
http://security.debian.org/pool/updates/main/r/rsync/rsync_2.5.5-0.2_alpha.deb
Debian rsync_2.5.5-0.2_arm.deb
Debian 3 ARM
http://security.debian.org/pool/updates/main/r/rsync/rsync_2.5.5-0.2_arm.deb
Debian rsync_2.5.5-0.2_hppa.deb
Debian 3 HP Precision
http://security.debian.org/pool/updates/main/r/rsync/rsync_2.5.5-0.2_hppa.deb
Debian rsync_2.5.5-0.2_i386.deb
Debian 3 Intel IA-32
http://security.debian.org/pool/updates/main/r/rsync/rsync_2.5.5-0.2_i386.deb
Debian rsync_2.5.5-0.2_ia64.deb
Debian 3 Intel IA-64
http://security.debian.org/pool/updates/main/r/rsync/rsync_2.5.5-0.2_ia64.deb
Debian rsync_2.5.5-0.2_m68k.deb
Debian 3 Motorola 680x0
http://security.debian.org/pool/updates/main/r/rsync/rsync_2.5.5-0.2_m68k.deb
Debian rsync_2.5.5-0.2_mips.deb
Debian 3 Big endian MIPS
http://security.debian.org/pool/updates/main/r/rsync/rsync_2.5.5-0.2_mips.deb
Debian rsync_2.5.5-0.2_mipsel.deb
Debian 3 Little endian MIPS
http://security.debian.org/pool/updates/main/r/rsync/rsync_2.5.5-0.2_mipsel.deb
Debian rsync_2.5.5-0.2_powerpc.deb
Debian 3 PowerPC
http://security.debian.org/pool/updates/main/r/rsync/rsync_2.5.5-0.2_powerpc.deb
Debian rsync_2.5.5-0.2_sparc.deb
Debian 3 Sun Sparc
http://security.debian.org/pool/updates/main/r/rsync/rsync_2.5.5-0.2_sparc.deb
Mandrake rsync-2.5.5-5.1.90mdk.i586.rpm
Mandrake Linux 9.0.
http://www.mandrakesecure.net/en/ftp.php
Mandrake rsync-2.5.5-5.1.C21mdk.i586.rpm
Mandrake Corporate Server 2.1.
http://www.mandrakesecure.net/en/ftp.php
Mandrake rsync-2.5.5-5.1.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64.
http://www.mandrakesecure.net/en/ftp.php
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
SuSE rsync-2.5.5-258.i586.rpm
SuSE-8.1
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/rsync-2.5.5-258.i586.rpm
TurboLinux rsync-2.5.7-1.i586.rpm
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/rsync-2.5.7-1.i586.rpm
TurboLinux rsync-2.5.7-1.i586.rpm
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/rsync-2.5.7-1.i586.rpm
rsync rsync 2.5.6
Mandrake rsync-2.5.7-0.1.91mdk.i586.rpm
Mandrake Linux 9.1.
http://www.mandrakesecure.net/en/ftp.php
Mandrake rsync-2.5.7-0.1.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC.
http://www.mandrakesecure.net/en/ftp.php
Mandrake rsync-2.5.7-0.1.92mdk.i586.rpm
Mandrake Linux 9.2.
http://www.mandrakesecure.net/en/ftp.php
OpenBSD rsync-2.5.7.tgz
ftp://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386/rsync-2.5.7.tgz
OpenPKG rsync-2.5.6-1.3.1.src.rpm
OpenPKG 1.3
ftp://ftp.openpkg.org/release/1.3/UPD/rsync-2.5.6-1.3.1.src.rpm
RedHat rsync-2.5.7-2.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/i386/rsync-2.5.7-2.i386.rpm
rsync rsync-2.5.7.tar.gz
http://samba.org/ftp/rsync/rsync-2.5.7.tar.gz
SCO rsync-2.5.7-1.i386.rpm
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-010.0/RPMS/rsync-2.5.7-1.i386.rpm
SCO rsync-2.5.7-1.i386.rpm
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-010.0/RPMS/rsync-2.5.7-1.i386.rpm
SuSE rsync-2.5.6-193.i586.rpm
SuSE-8.2
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/rsync-2.5.6-193.i586.rpm
SuSE rsync-2.5.6-193.i586.rpm
SuSE-9.0
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/rsync-2.5.6-193.i586.rpm
Slackware Linux 8.1
Slackware rsync-2.5.7-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/rsync-2.5.7-i386-1.tgz
Slackware Linux 9.0
Slackware rsync-2.5.7-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/rsync-2.5.7-i386-1.tgz
Slackware Linux 9.1
Slackware rsync-2.5.7-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/rsync-2.5.7-i486-1.tgz

Coverage

IPS (Regular DB)
IPS (Extended DB)