Updated: January 21, 2004
Affected
The following is Apple's response for the Jaguar (MacOS X 10.2.x) product:

The following is Apple's response for the Panther (MacOS X 10.3.x) product:
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: December 08, 2003
Affected
Debian Security Advisory DSA 404-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
December 4th, 2003 http://www.debian.org/security/faq

Package : rsync
Vulnerability : heap overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2003-0962

The rsync team has received evidence that a vulnerability in all versions of rsync prior to 2.5.7, a fast remote file copy program, was recently used in combination with a Linux kernel vulnerability to compromise the security of a public rsync server.

While this heap overflow vulnerability could not be used by itself to obtain root access on an rsync server, it could be used in combination with the recently announced do_brk() vulnerability in the Linux kernel to produce a full remote compromise.

Please note that this vulnerability only affects the use of rsync as an "rsync server". To see if you are running an rsync server you should use the command "netstat -a -n" to see if you are listening on TCP port 873. If you are not listening on TCP port 873 then you are not running an rsync server.

For the stable distribution (woody) this problem has been fixed in version 2.5.5-0.2.

For the unstable distribution (sid) this problem has been fixed in version 2.5.6-1.1. However, since the Debian infrastructure is not yet fully functional after the recent break-in, packages for the unstable distribution are not able to enter the archive for a while. Hence they were placed in my home directory on the security machine:
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: December 08, 2003
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
rsync is included as a third-party "port" in the FreeBSD system. A fix was committed to the FreeBSD ports collection CVS repository on 2003-12-04. FreeBSD users who have installed the rsync port are encouraged to update their ports tree and reinstall with the patched version.
Updated: August 02, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The Gentoo Linux Security Team has released GLSA-200312-03 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Updated: December 08, 2003
Affected
Guardian Digital Security Advisory December 04, 2003
http://www.guardiandigital.com ESA-20031204-032

Package: rsync
Summary: heap overflow vulnerability

EnGarde Secure Linux is an enterprise class Linux platform engineered to enable corporations to quickly and cost-effectively build a complete and secure Internet presence while preventing Internet threats.

OVERVIEW

A heap overflow vulnerability has been discovered in all versions of rsync prior to 2.5.7. This vulnerability, exploitable when rsync is being run in "server mode", may allow the attacker to run arbitrary code on the compromised server.

Guardian Digital has backported these fixes to version 2.4.6.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0962 to this issue.

Guardian Digital products affected by this issue include:

EnGarde Secure Community v1.0.1
EnGarde Secure Community v2
EnGarde Secure Professional v1.1
EnGarde Secure Professional v1.2
EnGarde Secure Professional v1.5

It is recommended that all users apply this update as soon as possible.

SOLUTION

Guardian Digital Secure Network subscribers may automatically update affected systems by accessing their account from within the Guardian Digital WebTool.

To modify your GDSN account and contact preferences, please go to: https://www.guardiandigital.com/account/

Below are MD5 sums for the updated EnGarde Secure Linux 1.0.1 packages:

SRPMS/rsync-2.4.6-1.0.7.src.rpm
MD5 Sum: 0059b139dce38f237019ae64a5dfbd84

i386/rsync-2.4.6-1.0.7.i386.rpm
MD5 Sum: 3d6cba56a9ccf244f7078cdfc1704b5d

i686/rsync-2.4.6-1.0.7.i686.rpm
MD5 Sum: 68392cd5df92513f75107c037e7c6a29

REFERENCES

Guardian Digital's public key: http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY
rsync's Official Web Site: http://rsync.samba.org
Guardian Digital Advisories: http://infocenter.guardiandigital.com/advisories/
Security Contact: security@guardiandigital.com
Author: Ryan W. Maple
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: August 02, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The Immunix Security Team has published Immunix Secured OS Security Advisory IMNX-2003-73-001-01 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Updated: December 08, 2003
Affected
CONECTIVA LINUX SECURITY ANNOUNCEMENT

PACKAGE : rsync
SUMMARY : Fix for remote vulnerability
DATE : 2003-12-04 18:46:00
ID : CLA-2003:794
RELEVANT RELEASES : 8, 9

DESCRIPTION

"rsync"[1] is a program used mainly to mirror files between remote sites. rsync versions prior to 2.5.7 have a heap buffer overflow vulnerability[2] which can be exploited by remote attackers to execute arbitrary code. This vulnerability specially affects installations where rsync is used as a server/daemon, that is, where it was started with the --daemon command line argument.

A new rsync version, 2.5.7, was released by the authors to address this vulnerability.

SOLUTION

It is recommended that all rsync users upgrade their packages.

IMPORTANT: after the update, the rsync server must be restarted manually if it was already running.

REFERENCES

1. http://rsync.samba.org/
2. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0962

UPDATED PACKAGES

ftp://atualizacoes.conectiva.com.br/8/SRPMS/rsync-2.5.7-5U80_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/rsync-2.5.7-5U80_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/rsync-2.5.7-13508U90_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/rsync-2.5.7-13508U90_1cl.i386.rpm

ADDITIONAL INSTRUCTIONS

The apt tool can be used to perform RPM packages upgrades:
- run: apt-get update
- after that, execute: apt-get upgrade

Detailed instructions regarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en

All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en

Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en

All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en

Copyright (c) 2003 Conectiva Inc. http://www.conectiva.com
subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br
unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: December 08, 2003
Affected
A heap overflow exists in rsync versions 2.5.6 and below that can be used by an attacker to run arbitrary code. The bug only affects rsync in server (daemon) mode and occurs *after* rsync has dropped privileges. By default, the server will chroot(2) to the root of the file tree being served, which significantly mitigates the impact of the bug. Installations that disable this behavior by placing "use chroot = no" in rsyncd.conf are vulnerable to attack. Sites that do run rsync in server mode should update their rsync package as soon as possible.

The rsync port has been updated in the 3.3 and 3.4 -stable branches and a new binary package has been built for OpenBSD 3.4/i386. It can be downloaded from:
ftp://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386/rsync-2.5.7.tgz

For more information on the bug, see: http://rsync.samba.org/

For more information on packages errata, see: http://www.openbsd.org/pkg-stable.html
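The Debian statement checks for an rsync daemon with "netstat -a -n" on TCP port 873, and the OpenBSD and Slackware statements single out "use chroot = no" in rsyncd.conf as the non-default setting that removes the chroot mitigation. The POSIX shell script below is an added example, not part of any vendor statement or of rsync itself: it applies both checks to a constructed netstat sample and a constructed rsyncd.conf embedded in the script, honouring the global-versus-per-module scoping of the option as an assumption about how rsyncd.conf is read.

```shell
#!/bin/sh
# Added example: classify a host's exposure to the rsync daemon heap overflow
# (CAN-2003-0962) from the two facts the advisories name: a TCP 873 listener
# and "use chroot = no" in rsyncd.conf. Sample inputs below are constructed.

# Constructed sample of "netstat -a -n" output (Linux-style addresses).
NETSTAT_SAMPLE='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:873             0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:873            10.0.0.9:51234          ESTABLISHED
udp        0      0 0.0.0.0:8730            0.0.0.0:*'

# Constructed sample rsyncd.conf: a global default plus per-module overrides.
RSYNCD_CONF_SAMPLE='# global section
use chroot = yes
[pub]
    path = /srv/pub
    read only = yes
[staging]
    path = /srv/staging
    use chroot = no
[mirror]
    path = /srv/mirror
    Use Chroot = NO'

# rsync_listening NETSTAT_OUTPUT: exit 0 if any tcp socket is in LISTEN on
# port 873. Matches both Linux ("0.0.0.0:873", ":::873") and BSD ("*.873").
rsync_listening() {
    printf '%s\n' "$1" | awk '
        $1 ~ /^tcp/ && $NF == "LISTEN" && $4 ~ /[.:]873$/ { found = 1 }
        END { exit found ? 0 : 1 }'
}

# chroot_disabled_modules CONF: print one module name per line for every
# module whose effective "use chroot" is off. Assumption: a setting before the
# first [module] is the global default; a module without its own setting
# inherits it; keys and values are case-insensitive; default is yes.
chroot_disabled_modules() {
    printf '%s\n' "$1" | awk '
        function norm(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return tolower(s) }
        BEGIN { global = "yes"; n = 0 }
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]*\[/ { sub(/^[ \t]*\[/, ""); sub(/\].*$/, "")
                      mod = $0; mods[++n] = mod; val[mod] = ""; next }
        {
            split($0, kv, "=")
            if (norm(kv[1]) == "use chroot") {
                if (mod == "") global = norm(kv[2]); else val[mod] = norm(kv[2])
            }
        }
        END {
            for (i = 1; i <= n; i++) {
                v = val[mods[i]] == "" ? global : val[mods[i]]
                if (v == "no" || v == "false" || v == "0") print mods[i]
            }
        }'
}

# rsync_exposure NETSTAT_OUTPUT CONF: prints one of
#   not-a-server            (nothing listens on 873: the bug does not apply)
#   server-chroot           (daemon running, chroot mitigation in place)
#   server-nochroot:<mods>  (daemon running, modules exporting without chroot)
rsync_exposure() {
    if ! rsync_listening "$1"; then
        echo "not-a-server"
        return 0
    fi
    mods=$(chroot_disabled_modules "$2" | tr '\n' ',' | sed 's/,$//')
    if [ -n "$mods" ]; then
        echo "server-nochroot:$mods"
    else
        echo "server-chroot"
    fi
}

# On a real host, feed "$(netstat -a -n)" and "$(cat /etc/rsyncd.conf)" instead.
rsync_exposure "$NETSTAT_SAMPLE" "$RSYNCD_CONF_SAMPLE"
```

Whatever the result, the advisories' fix is the package upgrade to 2.5.7 (or the vendor backport); the classification only tells you how urgent that upgrade is on a given host.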
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: August 02, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The OpenPKG Security Team has released OpenPKG-SA-2003.051 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Updated: August 02, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The SCO Group has released SCO Security Advisory CSSA-2004-010.0 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Updated: January 21, 2004
Affected
SGI Security Advisory

Title : SGI Advanced Linux Environment security update #6
Number : 20031202-01-U
Date : December 10, 2003
Reference : Red Hat Advisory RHSA-2003:399-06, CAN-2003-0962
Fixed in : Patch 10037 for SGI ProPack v2.3

SGI provides this information freely to the SGI user community for its consideration, interpretation, implementation and use. SGI recommends that this information be acted upon as soon as possible.

SGI provides the information in this Security Advisory on an "AS-IS" basis only, and disclaims all warranties with respect thereto, express, implied or otherwise, including, without limitation, any warranty of merchantability or fitness for a particular purpose. In no event shall SGI be liable for any loss of profits, loss of business, loss of data or for any indirect, special, exemplary, incidental or consequential damages of any kind arising from your use of, failure to use or improper use of any of the instructions or information in this Security Advisory.

--- Update ---

SGI has released Patch 10037: SGI Advanced Linux Environment security update #6, which includes updated RPMs for SGI ProPack v2.3 for the Altix family of systems, in response to the following erratas released by Red Hat:

New rsync packages fix remote security vulnerability
http://rhn.redhat.com/errata/RHSA-2003-399.html

Patch 10037 is available from http://support.sgi.com/ and ftp://patches.sgi.com/support/free/security/patches/ProPack/2.3/

The individual RPMs from Patch 10037 are available from:
ftp://oss.sgi.com/projects/sgi_propack/download/2.3/updates/RPMS
ftp://oss.sgi.com/projects/sgi_propack/download/2.3/updates/SRPMS

--- Links ---

SGI Security Advisories can be found at: http://www.sgi.com/support/security/ and ftp://patches.sgi.com/support/free/security/advisories/

Red Hat Errata: Security Alerts, Bugfixes, and Enhancements
http://www.redhat.com/apps/support/errata/

SGI Advanced Linux Environment security updates can be found on: ftp://oss.sgi.com/projects/sgi_propack/download/

SGI patches can be found at the following patch servers: http://support.sgi.com/

The primary SGI anonymous FTP site for security advisories and security patches is ftp://patches.sgi.com/support/free/security/

--- SGI Security Information/Contacts ---

If there are questions about this document, email can be sent to security-info@sgi.com.

------oOo------

SGI provides security information and patches for use by the entire SGI community. This information is freely available to any person needing the information and is available via anonymous FTP and the Web.

The primary SGI anonymous FTP site for security advisories and patches is patches.sgi.com. Security advisories and patches are located under the URL ftp://patches.sgi.com/support/free/security/

The SGI Security Headquarters Web page is accessible at the URL: http://www.sgi.com/support/security/

For issues with the patches on the FTP sites, email can be sent to security-info@sgi.com.

For assistance obtaining or working with security patches, please contact your SGI support provider.

------oOo------

SGI provides a free security mailing list service called wiretap and encourages interested parties to self-subscribe to receive (via email) all SGI Security Advisories when they are released. Subscribing to the mailing list can be done via the Web (http://www.sgi.com/support/security/wiretap.html) or by sending email to SGI as outlined below.

% mail wiretap-request@sgi.com
subscribe wiretap < YourEmailAddress such as midwatch@sgi.com >
end
^d

In the example above,
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: December 08, 2003
Affected
[slackware-security] rsync security update (SSA:2003-337-01)

Rsync is a file transfer client and server. A security problem which may lead to unauthorized machine access or code execution has been fixed by upgrading to rsync-2.5.7. This problem only affects machines running rsync in daemon mode, and is easier to exploit if the non-default option "use chroot = no" is used in the /etc/rsyncd.conf config file. Any sites running an rsync server should upgrade immediately.

For complete information, see the rsync home page: http://rsync.samba.org

Here are the details from the Slackware 9.1 ChangeLog:

Wed Dec 3 22:18:35 PST 2003
patches/packages/rsync-2.5.7-i486-1.tgz: Upgraded to rsync-2.5.7.
From the rsync-2.5.7-NEWS file:
SECURITY:
* Fix buffer handling bugs. (Andrew Tridgell, Martin Pool, Paul Russell, Andrea Barisani)
The vulnerability affects sites running rsync in daemon mode (rsync servers). These sites should be upgraded immediately.
(* Security fix *)

WHERE TO FIND THE NEW PACKAGE:

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/rsync-2.5.7-i386-1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/rsync-2.5.7-i386-1.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/rsync-2.5.7-i486-1.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/rsync-2.5.7-i486-1.tgz

MD5 SIGNATURES:

Slackware 8.1 package:
9adcdfaeca3022204bc1bef1d97802cf rsync-2.5.7-i386-1.tgz

Slackware 9.0 package:
12788c9af15174c683ada4c5e5746372 rsync-2.5.7-i386-1.tgz

Slackware 9.1 package:
38d40a65d526f92c41ff72afae74e546 rsync-2.5.7-i486-1.tgz

Slackware -current package:
3f68fa78c6d095da4269e27806596d48 rsync-2.5.7-i486-1.tgz

INSTALLATION INSTRUCTIONS:

If you're running rsync as a daemon, kill it:
# killall rsync

Then, upgrade the package:
# upgradepkg rsync-2.5.7-i486-1.tgz

Finally, restart the rsync daemon:
# rsync --daemon

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: December 08, 2003
Affected
SUSE Security Announcement

Package: rsync
Announcement-ID: SuSE-SA:2003:050
Date: Thursday, Dec 4th 2003 14:30 MET
Affected products: 7.3, 8.0, 8.1, 8.2, 9.0
SuSE Linux Database Server,
SuSE eMail Server III, 3.1
SuSE Linux Enterprise Server 7, 8
SuSE Linux Firewall on CD/Admin host
SuSE Linux Connectivity Server
SuSE Linux Office Server
Vulnerability Type: local privilege escalation
Severity (1-10): 4
SUSE default package: no
Cross References: CAN-2003-0962

Content of this advisory:
1) security vulnerability resolved: heap overflow
   problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds:
   - discontinue of SuSE Linux 7.3
   - KDE
   - mc
   - apache
   - screen
   - mod_gzip
   - unace
3) standard appendix (further information)

1) problem description, brief discussion, solution, upgrade information

The rsync suite provides client and server tools to easily support an administrator keeping the files of different machines in sync. In most private networks the rsync client tool is used via SSH to fulfill his tasks. In an open environment rsync is run in server mode accepting connections from many untrusted hosts with, but mostly without, authentication. The rsync server drops its root privileges soon after it was started and per default creates a chroot environment.

Due to insufficient integer/bounds checking in the server code a heap overflow can be triggered remotely to execute arbitrary code. This code does not get executed as root and access is limited to the chroot environment. The chroot environment may be broken afterwards by abusing further holes in system software or holes in the chroot setup.

You are not vulnerable as long as you do not use rsync in server mode or you use authentication to access the rsync server.

As a temporary workaround you can disable access to your rsync server for untrusted parties, enable authentication or switch back to rsync via SSH.

Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command "rpm -Fhv file.rpm" to apply the update.

Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web.
Intel i386 Platform:

SuSE-9.0:
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/rsync-2.5.6-193.i586.rpm
e848708286572c8a793819e5a358274a
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/rsync-2.5.6-193.i586.patch.rpm
d70f7726a2c8850a8c085bdbe9afbf27
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/rsync-2.5.6-193.src.rpm
45e14417a64704fcee1dfea390a5b3f6

SuSE-8.2:
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/rsync-2.5.6-193.i586.rpm
341d1da31000831d994e48d0714b576d
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/rsync-2.5.6-193.i586.patch.rpm
d94f1a84fc07e92dfc87471f909314c9
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/rsync-2.5.6-193.src.rpm
16b19cc2331ff577f2d1f9e116e74625

SuSE-8.1:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/rsync-2.5.5-258.i586.rpm
28799a5950666eb7f104e2831575fb3c
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/rsync-2.5.5-258.i586.patch.rpm
02557d2de1dc27ffd97845ebabb336b6
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/rsync-2.5.5-258.src.rpm
6a7cd73509acf3cca12d9a4f4b3aec98

SuSE-8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/rsync-2.4.6-499.i386.rpm
cf9fde4bcf1f3af3e3c5ae6bf5ceba85
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/rsync-2.4.6-499.i386.patch.rpm
0a61425e9bb345fe73e42926408257cb
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/rsync-2.4.6-499.src.rpm
d5c29841ff1f387cb003c359eee868df

SuSE-7.3:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/rsync-2.4.6-499.i386.rpm
67b2400ee15d739e75a1463db7d003ca
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/rsync-2.4.6-499.src.rpm
ececccdf316a4d98c66315fc560eb9b1

Sparc Platform:

SuSE-7.3:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n2/rsync-2.4.6-190.sparc.rpm
bd408eb2cfe82206439c78a1fbaecf60
source rpm(s):
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/rsync-2.4.6-190.src.rpm
e500422c7cf0dc39c6bb3cf2445d9998

SuSE-7.3:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n2/rsync-2.4.6-309.ppc.rpm
7eebb018bce237a4f351f5e00761ead1
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/rsync-2.4.6-309.src.rpm
2dd16900d70cbf06454dcd52b822a0ae

2) Pending vulnerabilities in SUSE Distributions and Workarounds:

- discontinue of SuSE Linux 7.3
Two years after the release, SUSE will discontinue providing updates and security fixes for the SuSE Linux 7.3 consumer product on the Intel i386 and the PPC Power PC architectures. Vulnerabilities found after December 15th 2003 will not be fixed any more for SuSE Linux 7.3. Directory structures referring to the SuSE Linux 7.3 release will be moved to the discontinued/ tree on our main ftp server ftp.suse.com, the distribution directories first, followed by the update/ directory tree in January 2004.

Please note that our SuSE Linux Enterprise Server family products have a much longer support period. These products are not concerned by this announcement.

- KDE
New KDE packages are currently being tested. These packages fix several vulnerabilities:
+ remote root compromise (CAN-2003-0690)
+ weak cookies (CAN-2003-0692)
+ SSL man-in-the-middle attack
+ information leak through HTML-referrer (CAN-2003-0459)
+ wrong file permissions of config files
The packages will be released as soon as testing is finished.

- mc
By using a special combination of links in archive-files it is possible to execute arbitrary commands while mc tries to open it in its VFS. The packages are currently tested and will be released as soon as possible.

- apache1/2
The widely used HTTP server apache has several security vulnerabilities:
- locally exploitable buffer overflow in the regular expression code. The attacker must be able to modify .htaccess or httpd.conf. (affects: mod_alias and mod_rewrite)
- under some circumstances mod_cgid will output its data to the wrong client (affects: apache2)
Update packages are available on our FTP servers.

- freeradius
Two vulnerabilities were found in the FreeRADIUS package. The remote denial-of-service attack bug was fixed and new packages will be released as soon as testing was successfully finished. The other bug is a remote buffer overflow in the module rlm_smb. We do not ship this module and will fix it for future releases.

- screen
A buffer overflow in screen was reported. Since SuSE Linux 8.0 we do not ship screen with the s-bit anymore. An update package will be released for 7.3 as soon as possible.

- mod_gzip
The apache module mod_gzip is vulnerable to remote code execution while running in debug-mode. We do not ship this module in debug-mode but future versions will include the fix. Additionally the mod_gzip code was audited to fix more possible security related bugs.

- unace
The tool unace for handling the archive format ACE is vulnerable to a buffer overflow that can be triggered with long file-names as command line argument. This only affects unace version 2.5. Unfortunately this tool is provided closed source only from the author. Therefore we are unable to check for other bugs or look at the patch. Update packages are available from our FTP servers.

3) standard appendix: authenticity verification, additional information

- Package authenticity verification:

SUSE update packages are available on many mirror ftp servers all over the world. While this service is being considered valuable and important to the free and open source software community, many users wish to be sure about the origin of the package and its content before installing the package. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.

1) execute the command
md5sum
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: December 08, 2003
Affected
Trustix Secure Linux Security Advisory #2003-0048

Package name: rsync
Summary: remote code execution
Date: 2003-12-04
Affected versions: TSL 1.2, 1.5, 2.0

Package description:
Rsync uses a quick and reliable algorithm to very quickly bring remote and host files into sync. Rsync is fast because it just sends the differences in the files over the network (instead of sending the complete files). Rsync is often used as a very powerful mirroring process or just as a more capable replacement for the rcp command. A technical report which describes the rsync algorithm is included in this package.

Problem description:
All versions of rsync prior to 2.5.7 contain a heap overflow that can be used to execute arbitrary code from remote. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0962 to this issue.

Action:
We recommend that all systems with this package installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system.

Location:
All TSL updates are available from
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: December 08, 2003
Affected
This is an announcement only email list for the x86 architecture.

Turbolinux Security Announcement 06/Dec/2003

The following page contains the security information of Turbolinux Inc.
- Turbolinux Security Center
http://www.turbolinux.com/security/

(1) glibc -> Multiple vulnerabilities in glibc
(2) rsync -> Heap overflow

* glibc -> Multiple vulnerabilities in glibc

More information :
The glibc package contains the standard C libraries used by applications. When a user is a member of a large number of groups, the getgrouplist function in glibc allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code.

Impact :
This may allow attackers to cause a denial of service or execute arbitrary code.

Affected Products :
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
- Turbolinux 7 Workstation

Solution :
Please use turbopkg(zabom) tool to apply the update.
# turbopkg
or
# zabom update glibc glibc-devel glibc-profile mtrace nscd
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.