exploits , vulnerabilities , articles , Rsync Sanitize_path Function Module Path Escaping Vulnerability

Title	Rsync Sanitize_path Function Module Path Escaping Vulnerability
Published	2004-08-12-12:00AM
Updated	2004-11-01-05:40PM
Class	Input Validation Error
CVE	CAN-2004-0792
Remote	Yes
Local	No
Credit	This issue was reported by the vendor.
Vulnerable	tinysofa enterprise server 2.0 Slackware Linux 10.0 Slackware Linux 9.1 Slackware Linux 9.0 Slackware Linux 8.1 Slackware Linux current rsync rsync 2.6.2 OpenPKG OpenPKG 2.1 rsync rsync 2.6.1 rsync rsync 2.6 OpenPKG OpenPKG 2.0 rsync rsync 2.5.7 rsync rsync 2.5.6 MandrakeSoft Linux Mandrake 9.1 MandrakeSoft Linux Mandrake 9.1 ppc MandrakeSoft Linux Mandrake 9.2 OpenBSD OpenBSD 3.0 OpenBSD OpenBSD 3.1 OpenBSD OpenBSD 3.2 OpenBSD OpenBSD 3.3 OpenBSD OpenBSD 3.4 OpenPKG OpenPKG Current OpenPKG OpenPKG 1.2 OpenPKG OpenPKG 1.3 RedHat Fedora Core1 S.u.S.E. Linux Personal 8.2 S.u.S.E. Linux Personal 9.0 Slackware Linux 9.0 Slackware Linux 9.1 rsync rsync 2.5.5 Conectiva Linux 9.0 Debian Linux 3.0 alpha Debian Linux 3.0 arm Debian Linux 3.0 hppa Debian Linux 3.0 ia32 Debian Linux 3.0 ia64 Debian Linux 3.0 m68k Debian Linux 3.0 mips Debian Linux 3.0 mipsel Debian Linux 3.0 ppc Debian Linux 3.0 s/390 Debian Linux 3.0 sparc MandrakeSoft Corporate Server 2.1 MandrakeSoft Corporate Server 2.1 x86_64 MandrakeSoft Linux Mandrake 9.0 S.u.S.E. Linux 8.1 Slackware Linux 8.1 rsync rsync 2.5.4 Immunix Immunix OS 7.3 MandrakeSoft Corporate Server 1.0.1 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Linux Mandrake 7.2 MandrakeSoft Linux Mandrake 8.0 MandrakeSoft Linux Mandrake 8.0 ppc MandrakeSoft Linux Mandrake 8.1 MandrakeSoft Linux Mandrake 8.1 ia64 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Single Network Firewall 7.2 rsync rsync 2.5.3 rsync rsync 2.5.2 Immunix Immunix OS 7 rsync rsync 2.5.1 FreeBSD FreeBSD 4.1 FreeBSD FreeBSD 4.1.1 FreeBSD FreeBSD 4.2 FreeBSD FreeBSD 4.3 FreeBSD FreeBSD 4.4 FreeBSD FreeBSD 4.5 rsync rsync 2.5 .0 FreeBSD FreeBSD 4.1 FreeBSD FreeBSD 4.1.1 FreeBSD FreeBSD 4.2 FreeBSD FreeBSD 4.3 FreeBSD FreeBSD 4.4 FreeBSD FreeBSD 4.5 rsync rsync 2.4.8 rsync rsync 2.4.6 Conectiva Linux 6.0 Conectiva Linux 7.0 Conectiva Linux 8.0 EnGarde Secure Linux 1.0.1 HP Secure OS software for Linux 1.0 MandrakeSoft Corporate Server 1.0.1 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Linux Mandrake 7.2 MandrakeSoft Linux Mandrake 8.0 MandrakeSoft Linux Mandrake 8.0 ppc MandrakeSoft Linux Mandrake 8.1 MandrakeSoft Linux Mandrake 8.1 ia64 MandrakeSoft Single Network Firewall 7.2 RedHat Linux 7.2 i386 RedHat Linux 7.2 ia64 S.u.S.E. Linux 7.1 alpha S.u.S.E. Linux 7.1 ppc S.u.S.E. Linux 7.1 sparc S.u.S.E. Linux 7.1 x86 S.u.S.E. Linux 7.2 i386 S.u.S.E. Linux 7.3 i386 S.u.S.E. Linux 7.3 ppc S.u.S.E. Linux 7.3 sparc S.u.S.E. Linux 8.0 Trustix Secure Linux 1.2 Trustix Secure Linux 1.5 rsync rsync 2.4.5 rsync rsync 2.4.4 RedHat Linux 7.0 alpha RedHat Linux 7.0 i386 RedHat Linux 7.1 alpha RedHat Linux 7.1 i386 RedHat Linux 7.1 ia64 rsync rsync 2.4.3 Caldera OpenLinux 2.3 Caldera OpenLinux 3.1 IA64 Caldera OpenLinux Server 3.1 Caldera OpenLinux Workstation 3.1 Trustix Secure Linux 1.1 rsync rsync 2.4.1 RedHat Linux 6.2 alpha RedHat Linux 6.2 i386 RedHat Linux 6.2 sparc Trustix Secure Linux 1.0 1 rsync rsync 2.4 .0 rsync rsync 2.3.2 1.3 rsync rsync 2.3.2 1.2 sparc Debian Linux 2.2 sparc rsync rsync 2.3.2 1.2 PPC Debian Linux 2.2 powerpc rsync rsync 2.3.2 1.2 m68k Debian Linux 2.2 68k rsync rsync 2.3.2 1.2 intel Debian Linux 2.2 IA32 rsync rsync 2.3.2 1.2 ARM Debian Linux 2.2 arm rsync rsync 2.3.2 1.2 alpha Debian Linux 2.2 alpha rsync rsync 2.3.2 S.u.S.E. Linux 6.4 alpha S.u.S.E. Linux 6.4 i386 S.u.S.E. Linux 6.4 ppc S.u.S.E. Linux 7.0 alpha S.u.S.E. Linux 7.0 i386 S.u.S.E. Linux 7.0 ppc S.u.S.E. Linux 7.0 sparc rsync rsync 2.3.1 Caldera OpenLinux eBuilder 3.0 Conectiva Linux ecommerce Conectiva Linux graficas Conectiva Linux 5.0 Conectiva Linux 5.1 SCO eDesktop 2.4 SCO eServer 2.3.1 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux WS 2.1 IA64 RedHat Enterprise Linux WS 2.1 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux ES 2.1 IA64 RedHat Enterprise Linux ES 2.1 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux AS 2.1 IA64 RedHat Enterprise Linux AS 2.1 RedHat Desktop 3.0 RedHat Advanced Workstation for the Itanium Processor 2.1 IA64 RedHat Advanced Workstation for the Itanium Processor 2.1 Conectiva Linux 10.0 Conectiva Linux 9.0 Avaya S8700 R2.0.1 Avaya S8700 R2.0.0 Avaya S8500 R2.0.1 Avaya S8500 R2.0.0 Avaya S8300 R2.0.1 Avaya S8300 R2.0.0 Avaya Converged Communications Server 2.0
Not Vulnerable
Code	Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: content@securitydot.net <mailto:content@securitydot.net>.
TXT

Vulnerabilities - newest 10 RSS | More

• 2008-12-01 SystemImager Flamethrower Insecure Temporary File Creation Vulnerabilities
• 2008-12-01 Rumpus FTP Server Command Argument Remote Buffer Overflow Vulnerability
• 2008-12-01 Rumpus FTP Server HTTP Command Remote Denial of Service Vulnerability
• 2008-11-29 Multiple ActiveWebSoftwares Products Login Parameters SQL Injection Vulnerabilities
• 2008-11-29 Venalsur Booking Centre Multiple Cross-Site Scripting Vulnerabilities
• 2008-11-28 ReVou Login SQL Injection Vulnerability
• 2008-11-28 Web Calendar System SQL Injection and Cross Site Scripting Vulnerabilities
• 2008-11-28 SailPlanner Login SQL Injection Vulnerability
• 2008-11-28 Livio.net WEB Calendar Cross Site Scripting and Multiple SQL Injection Vulnerabilities
• 2008-11-28 Subtext Anchor Tags HTML Injection Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Tue, 02 Dec 2008 04:29:47 +0000