CVE Vulnerabilities

CVE-2017-17434

Published: Dec 06, 2017 | Modified: Nov 07, 2023
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
4.8 MODERATE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Ubuntu
MEDIUM

The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechanism to pathnames found in xname follows strings (in the read_ndx_and_attrs function in rsync.c), which allows remote attackers to bypass intended access restrictions.

Affected Software

Name Vendor Start Version End Version
Rsync Samba * 3.1.2 (including)
Rsync Ubuntu artful *
Rsync Ubuntu trusty *
Rsync Ubuntu xenial *
Rsync Ubuntu zesty *

References