Guardian Digital Inc. Information for VU#325603

Integer overflow vulnerability in rsync

Status

Affected

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

+------------------------------------------------------------------------+
| Guardian Digital Security Advisory                   December 04, 2003 |
| http://www.guardiandigital.com                        ESA-20031204-032 |
|                                                                        |
| Package: rsync                                                         |
| Summary: heap overflow vulnerability                                   |
+------------------------------------------------------------------------+


  EnGarde Secure Linux is an enterprise class Linux platform engineered
 to enable corporations to quickly and cost-effectively build a complete
 and secure Internet presence while preventing Internet threats.


OVERVIEW
- --------
 A heap overflow vulnerability has been discovered in all versions of
 rsync prior to 2.5.7.  This vulnerability, exploitable when rsync is
 being run in "server mode", may allow the attacker to run arbitrary
 code on the compromised server.


  Guardian Digital has backported these fixes to version 2.4.6.

  The Common Vulnerabilities and Exposures project (cve.mitre.org) has
 assigned the name CAN-2003-0962 to this issue.


  Guardian Digital products affected by this issue include:

    EnGarde Secure Community v1.0.1
   EnGarde Secure Community v2
   EnGarde Secure Professional v1.1
   EnGarde Secure Professional v1.2
   EnGarde Secure Professional v1.5


  It is recommended that all users apply this update as soon as possible.

SOLUTION
- --------
 Guardian Digital Secure Network subscribers may automatically update
 affected systems by accessing their account from within the Guardian
 Digital WebTool.


  To modify your GDSN account and contact preferences, please go to:

    https://www.guardiandigital.com/account/

  Below are MD5 sums for the updated EnGarde Secure Linux 1.0.1 packages:

    SRPMS/rsync-2.4.6-1.0.7.src.rpm
     MD5 Sum: 0059b139dce38f237019ae64a5dfbd84


    i386/rsync-2.4.6-1.0.7.i386.rpm
     MD5 Sum: 3d6cba56a9ccf244f7078cdfc1704b5d


    i686/rsync-2.4.6-1.0.7.i686.rpm
     MD5 Sum: 68392cd5df92513f75107c037e7c6a29


REFERENCES
- ----------
 Guardian Digital's public key:
   http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY


  rsync's Official Web Site:
   http://rsync.samba.org


  Guardian Digital Advisories:
   http://infocenter.guardiandigital.com/advisories/


  Security Contact: security@guardiandigital.com

- --------------------------------------------------------------------------
Author: Ryan W. Maple <ryan@guardiandigital.com>
Copyright 2003, Guardian Digital, Inc.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)


iD8DBQE/z4wBHD5cqd57fu0RAtoCAKCOn4ObAhwgBnVw/iFSd+Gne8kliACeMrtV
Y2hQtIKhRq9ZZspp/BpPoDc=
=TrBp
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
    To unsubscribe email engarde-security-request@engardelinux.org
        with "unsubscribe" in the subject of the message.


Copyright(c) 2003 Guardian Digital, Inc.             GuardianDigital.com
------------------------------------------------------------------------

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.