FreeBSD Local Security Checks : FreeBSD Ports: rsync

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.69992

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: rsync

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: rsync

CVE-2011-1097
rsync 3.x before 3.0.8, when certain recursion, deletion, and
ownership options are used, allows remote rsync servers to cause a
denial of service (heap memory corruption and application crash) or
possibly execute arbitrary code via malformed data.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-1097
1025256
http://securitytracker.com/id?1025256
44071
http://secunia.com/advisories/44071
44088
http://secunia.com/advisories/44088
ADV-2011-0792
http://www.vupen.com/english/advisories/2011/0792
ADV-2011-0793
http://www.vupen.com/english/advisories/2011/0793
ADV-2011-0873
http://www.vupen.com/english/advisories/2011/0873
ADV-2011-0876
http://www.vupen.com/english/advisories/2011/0876
FEDORA-2011-4389
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057641.html
FEDORA-2011-4413
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057737.html
FEDORA-2011-4427
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057736.html
HPSBMU02752
http://marc.info/?l=bugtraq&m=133226187115472&w=2
MDVSA-2011:066
http://www.mandriva.com/security/advisories?name=MDVSA-2011:066
RHSA-2011:0390
http://www.redhat.com/support/errata/RHSA-2011-0390.html
SSRT100802
SUSE-SR:2011:009
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
[rsync] 20110122 rsync -rcv printing out filenames when content identical
http://lists.samba.org/archive/rsync/2011-January/025988.html
http://gitweb.samba.org/?p=rsync.git%3Ba=commit%3Bh=83b94efa6b60a3ff5eee4c5f7812c617a90a03f6
http://rsync.samba.org/ftp/rsync/src/rsync-3.0.8-NEWS
https://bugzilla.redhat.com/show_bug.cgi?id=675036
https://bugzilla.samba.org/show_bug.cgi?id=7936

Copyright Copyright (C) 2011 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.69992
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: rsync
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: rsync CVE-2011-1097 rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1097 1025256 http://securitytracker.com/id?1025256 44071 http://secunia.com/advisories/44071 44088 http://secunia.com/advisories/44088 ADV-2011-0792 http://www.vupen.com/english/advisories/2011/0792 ADV-2011-0793 http://www.vupen.com/english/advisories/2011/0793 ADV-2011-0873 http://www.vupen.com/english/advisories/2011/0873 ADV-2011-0876 http://www.vupen.com/english/advisories/2011/0876 FEDORA-2011-4389 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057641.html FEDORA-2011-4413 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057737.html FEDORA-2011-4427 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057736.html HPSBMU02752 http://marc.info/?l=bugtraq&m=133226187115472&w=2 MDVSA-2011:066 http://www.mandriva.com/security/advisories?name=MDVSA-2011:066 RHSA-2011:0390 http://www.redhat.com/support/errata/RHSA-2011-0390.html SSRT100802 SUSE-SR:2011:009 http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html [rsync] 20110122 rsync -rcv printing out filenames when content identical http://lists.samba.org/archive/rsync/2011-January/025988.html http://gitweb.samba.org/?p=rsync.git%3Ba=commit%3Bh=83b94efa6b60a3ff5eee4c5f7812c617a90a03f6 http://rsync.samba.org/ftp/rsync/src/rsync-3.0.8-NEWS https://bugzilla.redhat.com/show_bug.cgi?id=675036 https://bugzilla.samba.org/show_bug.cgi?id=7936
Copyright	Copyright (C) 2011 E-Soft Inc.