Buffer Overflow Vulnerability in Rsync Versions by Samba.org
CVE-2008-1720

Currently unrated

Key Information:

Vendor: Samba
Status: Rsync
Vendor: CVE Published:; 10 April 2008

What is CVE-2008-1720?

A buffer overflow issue exists in Rsync versions 2.6.9 to 3.0.1, particularly when extended attribute (xattr) support is enabled. This vulnerability can be exploited by remote attackers to execute arbitrary code by sending specially crafted inputs. Users of the affected Rsync versions are strongly encouraged to upgrade to a patched version to mitigate potential security risks.

References

http://secunia.com/advisories/29856

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/29788

third-party-advisoryx_refsource_SECUNIA

http://lists.opensuse.org/opensuse-security-announce/2008...

vendor-advisoryx_refsource_SUSE

EPSS Score

10% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2008
Vulnerability Reserved
Apr 10, 2008