Bug 407171 (CVE-2007-6200) - CVE-2007-6200 rsync excluded content access restrictions bypass via symlinks
Summary: CVE-2007-6200 rsync excluded content access restrictions bypass via symlinks
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2007-6200
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL: http://nvd.nist.gov/nvd.cfm?cvename=C...
Whiteboard:
Depends On: 717458
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-12-01 03:38 UTC by Red Hat Product Security
Modified: 2019-09-29 12:22 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-08-03 18:27:40 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:0999 0 normal SHIPPED_LIVE Moderate: rsync security, bug fix, and enhancement update 2011-07-21 10:48:19 UTC

Description Lubomir Kundrak 2007-12-01 03:38:07 UTC
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6200 to the following vulnerability:

Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options.

References:

http://rsync.samba.org/security.html#s3_0_0
http://www.securityfocus.com/bid/26639
http://securitytracker.com/id?1019012
http://secunia.com/advisories/27863

Comment 1 Lubomir Kundrak 2007-12-05 18:34:23 UTC
The Red Hat Security Response Team has rated this issue as having moderate
security impact, a future update may address this flaw.

Comment 6 Red Hat Bugzilla 2009-10-23 19:04:06 UTC
Reporter changed to security-response-team@redhat.com by request of Jay Turner.

Comment 7 Vincent Danen 2010-12-22 23:28:44 UTC
Upstream patches to fix this issue (they have it noted as three issues, not sure if all three got different CVE names or not):

http://rsync.samba.org/ftp/rsync/munge-symlinks-2.6.9.diff
http://rsync.samba.org/ftp/rsync/security/rsync-2.6.9-daemon-exclude.diff
http://rsync.samba.org/ftp/rsync/security/rsync-2.6.9-daemon-ids.diff

These were all fixed in 3.0.0.

Statement:

The Red Hat Security Response Team has rated this issue as having moderate
security impact, a future rsync package update may address this flaw in Red Hat Enterprise Linux 4. This flaw has been addressed in Red Hat Enterprise Linux 5 via RHSA-2011:0999 advisory. This flaw did not affect the version of rsync as shipped with Red Hat Enterprise Linux 6.

Comment 9 errata-xmlrpc 2011-07-21 10:48:24 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2011:0999 https://rhn.redhat.com/errata/RHSA-2011-0999.html

Comment 10 errata-xmlrpc 2011-07-21 12:29:39 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2011:0999 https://rhn.redhat.com/errata/RHSA-2011-0999.html

Comment 11 Josh Bressers 2011-08-03 18:27:40 UTC
Statement:

The Red Hat Security Response Team has rated this issue as having moderate
security impact. This flaw has been addressed in Red Hat Enterprise Linux 5 via RHSA-2011:0999 advisory. This flaw did not affect the version of rsync as shipped with Red Hat Enterprise Linux 6.

Red Hat does not intend to fix this flaw in Red Hat Enterprise Linux 4.


Note You need to log in before you can comment on or make changes to this bug.