RSYNC: Rsync receive_xattr Heap-based Buffer Overread
A heap-based buffer overread vulnerability has been reported in the receive_xattr function of rsync. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted packets to a target system. Successful exploitation could lead to a denial-of-service condition.
Extended Description
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon.
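The missing check described above, shown as an added example (this is not rsync's code): a length-prefixed xattr name from an untrusted peer is validated before any string function reads it. The names check_xattr_name and xattr_name_has_prefix are hypothetical, the sample buffers are constructed, and the empty-name and embedded-NUL rejections are stricter than what the description requires.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes for this example. */
enum xname_status { XNAME_OK = 0, XNAME_EMPTY, XNAME_NO_TERMINATOR, XNAME_EMBEDDED_NUL };

/* Validate a name received as (bytes, length). Every read is bounded by
 * name_len, so the check itself cannot run past the heap buffer. */
enum xname_status check_xattr_name(const char *name, size_t name_len)
{
    if (name_len == 0)
        return XNAME_EMPTY;
    if (name[name_len - 1] != '\0')       /* the trailing '\0' check */
        return XNAME_NO_TERMINATOR;
    if (name_len == 1)                    /* only a terminator: empty name */
        return XNAME_EMPTY;
    if (memchr(name, '\0', name_len - 1) != NULL)
        return XNAME_EMBEDDED_NUL;        /* strlen() would disagree with name_len */
    return XNAME_OK;
}

/* String functions are used only after validation has passed. */
int xattr_name_has_prefix(const char *name, size_t name_len, const char *prefix)
{
    if (check_xattr_name(name, name_len) != XNAME_OK)
        return 0;
    return strncmp(name, prefix, strlen(prefix)) == 0;
}

int main(void)
{
    /* Constructed inputs: one well-formed name, one without a terminator. */
    static const char good[] = "user.comment";        /* 13 bytes incl. '\0' */
    static const char bad[4] = { 'u', 's', 'e', 'r' };

    printf("good: status=%d prefix=%d\n",
           check_xattr_name(good, sizeof good),
           xattr_name_has_prefix(good, sizeof good, "user."));
    printf("bad:  status=%d prefix=%d\n",
           check_xattr_name(bad, sizeof bad),
           xattr_name_has_prefix(bad, sizeof bad, "user"));
    return 0;
}
```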
Affected Products
Debian debian_linux
References
CVE: CVE-2017-16548
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Samba
Debian
Canonical
7.5