ID de Prueba:	1.3.6.1.4.1.25623.1.1.2.2020.1257
Categoría:	Huawei EulerOS Local Security Checks
Título:	Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2020-1257)
Resumen:	The remote host is missing an update for the Huawei EulerOS 'rsync' package(s) announced via the EulerOS-SA-2020-1257 advisory.
Descripción:	Summary: The remote host is missing an update for the Huawei EulerOS 'rsync' package(s) announced via the EulerOS-SA-2020-1257 advisory. Vulnerability Insight: The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions.(CVE-2017-17433) rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.(CVE-2017-15994) Affected Software/OS: 'rsync' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-15994 Common Vulnerability Exposure (CVE) ID: CVE-2017-17433
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.