Bug 190207 (CVE-2006-2083) - CVE-2006-2083 rsync buffer overflow issue
Summary: CVE-2006-2083 rsync buffer overflow issue
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2006-2083
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: rsync
Version: 4.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Jay Fenlason
QA Contact: Mike McLean
URL:
Whiteboard: public=20060422,impact=moderate,repor...
Depends On:
Blocks: 170416
TreeView+ depends on / blocked
 
Reported: 2006-04-28 19:44 UTC by Josh Bressers
Modified: 2014-08-31 23:28 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-05-26 14:58:25 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Josh Bressers 2006-04-28 19:44:37 UTC
rsync buffer overflow issue

The receive_xattr() function creates a buffer by adding two integer
variables together without verifying the resultant sum hasn't caused
an integer overflow.

The fix, which is a patch of a patch is here:

http://cvs.samba.org/cgi-bin/cvsweb/rsync/patches/xattrs.diff.diff?r1=1.23&r2=1.24

Only the last few lines matter for this patch, the rest is the result
of making a minor modification in a patch.


Note You need to log in before you can comment on or make changes to this bug.