 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.870733 |
| Categoría: | Red Hat Local Security Checks |
| Título: | RedHat Update for rsync RHSA-2011:0390-01 |
| Resumen: | The remote host is missing an update for the 'rsync'; package(s) announced via the referenced advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'rsync' package(s) announced via the referenced advisory. Vulnerability Insight: rsync is a program for synchronizing files over a network. A memory corruption flaw was found in the way the rsync client processed malformed file list data. If an rsync client used the '--recursive' and '--delete' options without the '--owner' option when connecting to a malicious rsync server, the malicious server could cause rsync on the client system to crash or, possibly, execute arbitrary code with the privileges of the user running rsync. (CVE-2011-1097) Red Hat would like to thank Wayne Davison and Matt McCutchen for reporting this issue. Users of rsync should upgrade to this updated package, which contains a backported patch to resolve this issue. Affected Software/OS: rsync on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6) Solution: Please Install the Updated Packages. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-1097 1025256 http://securitytracker.com/id?1025256 44071 http://secunia.com/advisories/44071 44088 http://secunia.com/advisories/44088 ADV-2011-0792 http://www.vupen.com/english/advisories/2011/0792 ADV-2011-0793 http://www.vupen.com/english/advisories/2011/0793 ADV-2011-0873 http://www.vupen.com/english/advisories/2011/0873 ADV-2011-0876 http://www.vupen.com/english/advisories/2011/0876 FEDORA-2011-4389 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057641.html FEDORA-2011-4413 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057737.html FEDORA-2011-4427 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057736.html HPSBMU02752 http://marc.info/?l=bugtraq&m=133226187115472&w=2 MDVSA-2011:066 http://www.mandriva.com/security/advisories?name=MDVSA-2011:066 RHSA-2011:0390 http://www.redhat.com/support/errata/RHSA-2011-0390.html SSRT100802 SUSE-SR:2011:009 http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html [rsync] 20110122 rsync -rcv printing out filenames when content identical http://lists.samba.org/archive/rsync/2011-January/025988.html http://gitweb.samba.org/?p=rsync.git%3Ba=commit%3Bh=83b94efa6b60a3ff5eee4c5f7812c617a90a03f6 http://rsync.samba.org/ftp/rsync/src/rsync-3.0.8-NEWS https://bugzilla.redhat.com/show_bug.cgi?id=675036 https://bugzilla.samba.org/show_bug.cgi?id=7936 |
| Copyright | Copyright (C) 2012 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |