2025-01-17 16:36:15 Pacfic
Six vulnerabilities discovered in rsync - 1d
Multiple vulnerabilities have been discovered in rsync, a widely used file transfer program, totaling six distinct security flaws. The most severe of these is a critical remote code execution (RCE) vulnerability identified as CVE-2024-12084. This flaw allows an attacker with only anonymous read access to an rsync server, often found in public mirrors, to execute arbitrary code on the server. This highlights the serious risk facing systems running vulnerable versions of rsync, particularly those with exposed rsync servers. The vulnerability stems from improper handling of checksum lengths.
Other discovered vulnerabilities include information leaks and symlink issues. There is also the potential for an attacker to enumerate the contents of arbitrary files on a client's machine when copying files to a server. To mitigate all six vulnerabilities, users and administrators are strongly advised to upgrade to rsync version 3.4.0, released on January 14th. However, a regression was found in 3.4.0, so version 3.4.1 is now available. It's crucial to apply this patch, especially for systems running the rsyncd daemon.
ImgSrc: img.helpnetsecurity.com
References:
- LWN.net - Six vulnerabilities discovered in rsync - 1d
- Open Source Security - RSYNC: 6 vulnerabilities - 1d
- Privacy Guides Community - Latest topics - 6 critical vulnerabilities in rsync - 1d
- Help Net Security - Rsync vulnerabilities allow remote code execution on servers, patch quickly! - 1d
Classification:
- HashTags: Rsync Vulnerability SecurityPatch
- Target: rsync Servers
- Product: rsync
- Feature: Remote Code Execution
- Type: Vulnerability
- Severity: Major