Vulnerability Details : CVE-2007-4091
Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function.
Vulnerability category: Execute code
Products affected by CVE-2007-4091
- cpe:2.3:a:rsync:rsync:2.6.9:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-4091
18.11%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-4091
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
Vendor statements for CVE-2007-4091
-
Red Hat 2007-08-22Not vulnerable. This flaw did not affect Red Hat Enterprise Linux 2.1, 3, or 4 due to the version of rsync. This flaw does exist in Red Hat Enterprise Linux 5, but due to the nature of the flaw it is not exploitable with any security consequence due to stack-protector.
References for CVE-2007-4091
-
http://www.ubuntu.com/usn/usn-500-1
USN-500-1: rsync vulnerability | Ubuntu security notices | Ubuntu
-
http://www.debian.org/security/2007/dsa-1360
[SECURITY] [DSA 1360-1] New rsync packages fix arbitrary code execution
-
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.481089
The Slackware Linux Project: Slackware Security Advisories
-
https://issues.rpath.com/browse/RPL-1647
-
http://www.trustix.org/errata/2007/0026/
Trustix | Empowering Trust and Security in the Digital Age
-
http://article.gmane.org/gmane.linux.debian.devel.bugs.general/291908
-
http://c-skills.blogspot.com/2007/08/cve-2007-4091.html
C-skills: CVE-2007-4091
-
http://www.vupen.com/english/advisories/2007/2915
Site en construction
-
http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15548.html
Rsync sender.c vulnerability CVE-2007-4091
-
http://www.securityfocus.com/bid/25336
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/36072
rsync f_name() function buffer overflow CVE-2007-4091 Vulnerability Report
-
http://secunia.com/advisories/61039
About Secunia Research | Flexera
-
http://security.gentoo.org/glsa/glsa-200709-13.xml
rsync: Two buffer overflows (GLSA 200709-13) — Gentoo security
-
http://www.novell.com/linux/security/advisories/2007_17_sr.html
404 Page Not Found | SUSE
-
http://www.securityfocus.com/archive/1/477628/100/0/threaded
Jump to