CLD-169 Details

Other IDs this deficiency may be known by:

CVE ID CVE-2017-17433 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)
Other ID(s)

Basic Information:

Affected Package(s) rsync
Deficiency Type SECURITY
Date Created 2017-12-06 11:10:28
Date Last Modified 2017-12-06 16:24:27

Version Specific Information:

Cucumber 1.0 i686 fixed in rsync-3.1.2-i686-6
Cucumber 1.0 x86_64 fixed in rsync-3.1.2-x86_64-6

Cucumber 1.1 i686 fixed in rsync-3.1.2-i686-6
Cucumber 1.1 x86_64 fixed in rsync-3.1.2-x86_64-6

Details:

=================================== Overview ===================================

From https://nvd.nist.gov/vuln/detail/CVE-2017-17433:

The recv_files function in receiver.c in the daemon in rsync 3.1.2, and
3.1.3-development before 2017-11-03, proceeds with certain file metadata updates
before checking for a filename in the daemon_filter_list data structure, which
allows remote attackers to bypass intended access restrictions.

================================= Our Analysis =================================

----- Affected Products -----

Rsync version 3.1.2 is vulnerable unless the patch
https://git.samba.org/?p=rsync.git;a=patch;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51
has been applied. This includes rsync as originally
packaged in Cucumber Linux 1.0 and 1.1.

At this time, we are unsure whether other versions of Rsync are affected.

----- Scope and Impact of this Vulnerability -----

This vulnerability allows remote attackers to bypass access restrictions.

----- Fix for this Vulnerability -----

This vulnerability can be fixed by applying the patch from
https://git.samba.org/?p=rsync.git;a=patch;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51

================================= Our Solution =================================

We have applied the patch
https://git.samba.org/?p=rsync.git;a=commit;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51
and rebuilt rsync.