CLD-169 Details

Other IDs this deficiency may be known by:

CVE ID CVE-2017-17433 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)
Other ID(s)

Basic Information:

Affected Package(s) rsync
Deficiency Type SECURITY
Date Created 2017-12-06 11:10:28
Date Last Modified 2017-12-06 16:24:27

Version Specific Information:

Cucumber 1.0 i686fixed in rsync-3.1.2-i686-6
Cucumber 1.0 x86_64fixed in rsync-3.1.2-x86_64-6

Cucumber 1.1 i686 fixed in rsync-3.1.2-i686-6
Cucumber 1.1 x86_64 fixed in rsync-3.1.2-x86_64-6


=================================== Overview ===================================


The recv_files function in receiver.c in the daemon in rsync 3.1.2, and
3.1.3-development before 2017-11-03, proceeds with certain file metadata updates
before checking for a filename in the daemon_filter_list data structure, which
allows remote attackers to bypass intended access restrictions.

================================= Our Analysis =================================

----- Affected Products -----

Rsync version 3.1.2 that has not had the patch;a=patch;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51
applied is vulnerable to this vulnerability. This includes rsync as origianlly
packaged in Cucumber Linux 1.0 and 1.1.

At this time, we are unsure whether other versions of Rsync are affected.

----- Scope and Impact of this Vulnerability -----

Allows for remote attackers to bypass access restrictions. 

----- Fix for this Vulnerability -----

This vulnerability can be fixed by applying the patch from;a=patch;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51

================================= Our Solution =================================

We have applied the patch;a=commit;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51
and rebuilt rsync.