Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6200 to the following vulnerability:

Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options.

References:
http://rsync.samba.org/security.html#s3_0_0
http://www.securityfocus.com/bid/26639
http://securitytracker.com/id?1019012
http://secunia.com/advisories/27863
The Red Hat Security Response Team has rated this issue as having moderate security impact; a future update may address this flaw.
Reporter changed to security-response-team by request of Jay Turner.
Upstream patches to fix this issue (they have it noted as three issues, not sure if all three got different CVE names or not):
http://rsync.samba.org/ftp/rsync/munge-symlinks-2.6.9.diff
http://rsync.samba.org/ftp/rsync/security/rsync-2.6.9-daemon-exclude.diff
http://rsync.samba.org/ftp/rsync/security/rsync-2.6.9-daemon-ids.diff
These were all fixed in 3.0.0.

Statement: The Red Hat Security Response Team has rated this issue as having moderate security impact; a future rsync package update may address this flaw in Red Hat Enterprise Linux 4. This flaw has been addressed in Red Hat Enterprise Linux 5 via the RHSA-2011:0999 advisory. This flaw did not affect the version of rsync as shipped with Red Hat Enterprise Linux 6.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 5: via RHSA-2011:0999, https://rhn.redhat.com/errata/RHSA-2011-0999.html
Statement: The Red Hat Security Response Team has rated this issue as having moderate security impact. This flaw has been addressed in Red Hat Enterprise Linux 5 via the RHSA-2011:0999 advisory. This flaw did not affect the version of rsync as shipped with Red Hat Enterprise Linux 6. Red Hat does not intend to fix this flaw in Red Hat Enterprise Linux 4.
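Added example, not code from this bug report, the rsync project or Red Hat: a POSIX shell triage script for the two facts that decide whether a host is exposed to this issue, namely whether the installed rsync is an upstream release that carries the 3.0.0 fixes and whether the daemon actually serves any writable module (only a writable daemon is affected). It assumes the `rsync --version` banner has the form "rsync  version X.Y.Z  protocol version N" and that rsyncd.conf uses the usual "[module]" / "key = value" layout with modules read-only unless "read only = no" is set. The sample configuration is constructed for the example and the function names are invented.

```shell
#!/bin/sh
# Added example for CVE-2007-6200 triage. Not code from the bug report,
# the rsync project or Red Hat. Assumptions: the `rsync --version` banner
# has the form "rsync  version X.Y.Z  protocol version N", and rsyncd.conf
# uses the usual "[module]" / "key = value" layout with modules read-only
# by default. Function names are invented for this example.

# Return 0 if the version in a `rsync --version` banner line is an upstream
# release >= 3.0.0, i.e. one that carries all three upstream fixes.
# Pre-releases such as 3.0.0pre6 are treated as not fixed (conservative).
# Return 2 if the banner cannot be parsed.
rsync_upstream_fixed() {
    ver=$(printf '%s\n' "$1" | awk '$1 == "rsync" && $2 == "version" { print $3; exit }')
    [ -n "$ver" ] || return 2
    case "$ver" in *pre*) return 1 ;; esac
    maj=${ver%%.*}
    case "$maj" in '' | *[!0-9]*) return 2 ;; esac
    [ "$maj" -ge 3 ]
}

# Print the names of writable modules in an rsyncd.conf: those whose
# effective "read only" value is no/false/0. The global section sets the
# default for every module; a module-level "read only" overrides it.
# Only writable modules are exposed to the exclude/filter bypass.
rsyncd_writable_modules() {
    awk '
    function trim(v) { gsub(/^[ \t]+/, "", v); gsub(/[ \t]+$/, "", v); return v }
    function emit_module(  eff) {
        if (mod == "") return
        eff = (ro == "") ? gro : ro
        if (eff == "no" || eff == "false" || eff == "0") print mod
    }
    BEGIN { gro = "yes" }                 # rsyncd default: modules are read-only
    /^[ \t]*[#;]/ { next }                # comment line
    /^[ \t]*\[/ {                         # "[module]" header
        emit_module()
        mod = $0; sub(/^[ \t]*\[/, "", mod)
        i = index(mod, "]"); if (i) mod = substr(mod, 1, i - 1)
        ro = ""
        next
    }
    /^[ \t]*read[ \t]+only[ \t]*=/ {
        v = $0; sub(/^[^=]*=/, "", v); v = tolower(trim(v))
        if (mod == "") gro = v; else ro = v
    }
    END { emit_module() }
    ' "$1"
}

# Constructed sample configuration (not from any real host) so the script
# runs offline; writes it to a temporary file and prints the path.
make_sample_rsyncd_conf() {
    tmp=$(mktemp) || return 1
    cat > "$tmp" <<'EOF'
# global section: read-only is the default for all modules
use chroot = yes
read only = yes

[backups]
    path = /srv/backups
    read only = no
    comment = writable, so a client-chosen --backup-dir or --partial-dir matters here

[mirror]
    path = /srv/mirror
    exclude = .htpasswd

[drop]
    path = /srv/drop
    read only = false
EOF
    printf '%s\n' "$tmp"
}

# Demo: safe to run without rsync installed.
if command -v rsync >/dev/null 2>&1; then
    banner=$(rsync --version 2>/dev/null | head -n 1)
    if rsync_upstream_fixed "$banner"; then
        echo "rsync banner reports an upstream release with the fix: $banner"
    else
        echo "rsync banner does not prove the fix is present: $banner"
    fi
fi
conf=$(make_sample_rsyncd_conf)
echo "Writable modules in the sample rsyncd.conf:"
rsyncd_writable_modules "$conf"
rm -f "$conf"
```

The version check deliberately only proves the presence of the fix, never its absence: on Red Hat Enterprise Linux 5 the fixed package from RHSA-2011:0999 still reports its 2.6.x upstream version, because Red Hat backports fixes without changing the upstream version string, so on such hosts the package changelog (`rpm -q --changelog rsync`) or the advisory itself is the authority. For a writable module that must stay writable on a pre-3.0.0 daemon, the upstream patches linked above are the fix; rsync 3.0.0 and later additionally offer the "munge symlinks" daemon parameter that the first of those patches introduced.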