Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista

RSync Configured Module Path Escaping Vulnerability

Solution:
The vendor has released an upgraded version of rsync. Install version 2.6.1 or later.

Trustix has released advisory 2004-0024 along with fixes dealing
with this issue. Please see the referenced advisory for more information
and details on obtaining fixes.

Debian has released an advisory (DSA 499-1) and fixes for this issue. See the referenced advisory for links to fixed packages.

Slackware has released an advisory (SSA:2004-124-01) and fixes for this issue. See the referenced advisory for links to fixed packages.

Mandrake has released an advisory (MDKSA-2004:042) and fixes for this issue. See the referenced advisory for links to fixed packages.

Red Hat has released an advisory (RHSA-2004:192-06) and fixes for this issue. See the referenced advisory for links to fixed packages.

OpenPKG has release an advisory (OpenPKG-SA-2004.025) for this issue. Please see the referenced advisory for more information and details on obtaining fixes.

Silicon Graphics has released advisory 20040509-01-U and fixes dealing with this and other issues for SGI ProPack 3. Please see the referenced advisory for more information.

Silicon Graphics has released advisory 20040508-01-U and fixes dealing with this and other issues for SGI ProPack 2.4. Please see the referenced advisory for more information.

Debian has released an updated advisory (DSA 499-2) addressing this issue. The updated advisory contains an additional fix related to this issue. Please see the referenced advisory for more information.

RedHat has released an advisory (FEDORA-2004-116) to address this issue in Fedora Core 1. Please see the referenced advisory for more information.

Gentoo has released an advisory that includes updates for this issue. Updates may be applied with the following commands:
emerge sync
emerge -pv ">=net-misc/rsync-2.6.0-r2"
emerge ">=net-misc/rsync-2.6.0-r2"

Apple has released an advisory (APPLE-SA-0024-09-07) along with fixes to address this, and many other issues. Please see the referenced advisory for further information.

RedHat has released a Fedora legacy advisory (FLSA:2003) to address various issues in rsync. This advisory fixes these issues in Red Hat Linux 7.3 and 9 running on the i386 architecture. Please see the referenced advisory for more details and information about obtaining fixes.

Contectiva Linux has released advisory CLA-2004:881 along with fixes dealing with this issue. Please see the referenced advisory for more information.


Apple Mac OS X 10.2.8

Apple Mac OS X Server 10.2.8

Apple Mac OS X 10.3.4

Apple Mac OS X Server 10.3.4

Apple Mac OS X Server 10.3.5

Apple Mac OS X 10.3.5

MandrakeSoft Multi Network Firewall 2.0

MandrakeSoft Corporate Server 2.1

MandrakeSoft Corporate Server 2.1 x86_64

rsync rsync 2.3.1

rsync rsync 2.3.2 -1.2 sparc

rsync rsync 2.3.2

rsync rsync 2.3.2 -1.2 ARM

rsync rsync 2.3.2 -1.2 m68k

rsync rsync 2.3.2 -1.3

rsync rsync 2.3.2 -1.2 alpha

rsync rsync 2.3.2 -1.2 PPC

rsync rsync 2.3.2 -1.2 intel

rsync rsync 2.4 .0

rsync rsync 2.4.1

rsync rsync 2.4.3

rsync rsync 2.4.4

rsync rsync 2.4.5

rsync rsync 2.4.6

rsync rsync 2.4.8

rsync rsync 2.5 .0

rsync rsync 2.5.1

rsync rsync 2.5.2

rsync rsync 2.5.3

rsync rsync 2.5.4

rsync rsync 2.5.5

rsync rsync 2.5.6

rsync rsync 2.5.7

rsync rsync 2.6

MandrakeSoft Linux Mandrake 9.1 ppc

MandrakeSoft Linux Mandrake 9.1

MandrakeSoft Linux Mandrake 9.2

MandrakeSoft Linux Mandrake 9.2 amd64




 

Privacy Statement
Copyright 2008, SecurityFocus