
Test ID: 1.3.6.1.4.1.25623.1.0.801772
Category: Denial of Service
Title: Rsync Multiple Denial of Service Vulnerabilities (Windows)
Summary: This host is installed with Rsync and is prone to multiple denial of service vulnerabilities.
Description:
Summary:
This host is installed with Rsync and is prone to multiple denial
of service vulnerabilities.

Vulnerability Insight:
The flaws are due to:

- a memory corruption error when processing malformed file list data.

- an error while handling directory paths, '--backup-dir', and filter/exclude lists.

Vulnerability Impact:
Successful exploitation will allow remote attackers to crash an affected
application or execute arbitrary code by tricking a user into connecting
to a malicious rsync server and using the '--recursive' and '--delete'
options without the '--owner' option.

Affected Software/OS:
rsync version 3.x before 3.0.8

Solution:
Upgrade to rsync version 3.0.8 or later

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2011-1097
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057641.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057737.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057736.html
HP Security Advisory: HPSBMU02752
http://marc.info/?l=bugtraq&m=133226187115472&w=2
HP Security Advisory: SSRT100802
http://www.mandriva.com/security/advisories?name=MDVSA-2011:066
http://lists.samba.org/archive/rsync/2011-January/025988.html
http://www.redhat.com/support/errata/RHSA-2011-0390.html
http://securitytracker.com/id?1025256
http://secunia.com/advisories/44071
http://secunia.com/advisories/44088
SuSE Security Announcement: SUSE-SR:2011:009
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
http://www.vupen.com/english/advisories/2011/0792
http://www.vupen.com/english/advisories/2011/0793
http://www.vupen.com/english/advisories/2011/0873
http://www.vupen.com/english/advisories/2011/0876
Copyright: Copyright (c) 2011 Greenbone Networks GmbH





© 1998-2020 E-Soft Inc. All rights reserved.