Oval Definition:oval:org.opensuse.security:def:201717433
Revision Date:2022-09-02Version:1
Title:CVE-2017-17433
Description:

The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-17433
SUSE-SU-2018:0117-1
SUSE-SU-2018:0118-1
openSUSE-SU-2018:0101-1
Mitre CVE-2017-17433
SUSE CVE-2017-17433
SUSE-SU-2018:0117-1
SUSE-SU-2018:0118-1
openSUSE-SU-2018:0101-1
Platform(s):openSUSE Leap 42.2
openSUSE Leap 42.3
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 42.2 is installed
  • AND Package Information
  • rsync-3.1.0-7.3.1 is installed
  • AND rsync is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • rsync-3.1.0-10 is installed
  • AND rsync is signed with openSUSE key
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND rsync-3.0.4-2.53.3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND rsync-3.1.0-13.7.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND rsync-3.0.4-2.53.3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • OR SUSE Linux Enterprise Desktop 12 SP3 is installed
  • OR SUSE Linux Enterprise Server 12 SP2 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • AND rsync-3.1.0-13.13 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND rsync-3.1.0-13.13.3 is installed
  • OR Package Information
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • OR SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND rsync-3.1.0-13.7.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND rsync-3.1.0-13.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • AND rsync-3.0.4-2.53.3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND rsync-3.0.4-2.53.3 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • AND rsync-3.0.4-2.48.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND rsync-3.1.0-13.13 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • OR SUSE Linux Enterprise Desktop 12 SP3 is installed
  • OR SUSE Linux Enterprise Server 12 SP2 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • AND rsync-3.1.0-13.13 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND rsync-3.1.3-1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND rsync-3.1.0-13.13 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND rsync-3.1.3-1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • OR SUSE Linux Enterprise Desktop 12 SP3 is installed
  • OR SUSE Linux Enterprise Server 12 SP2 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND rsync-3.1.0-13.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • AND rsync-3.1.0-13.13 is installed
  • OR Package Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server 12 SP5 is installed
  • AND rsync-3.1.3-1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • AND rsync-3.0.4-2.48.4.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • AND rsync-3.0.4-2.53.3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND rsync-3.0.4-2.53.3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND rsync is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND rsync-3.1.0-13.13.3 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND rsync-3.1.3-1.19 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND rsync-3.1.0-13.7.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND rsync-3.1.0-13.7.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND rsync is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND rsync-3.1.0-13.7.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND rsync is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND rsync-3.1.0-13.13.3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server 12 SP5 is installed
  • AND rsync-3.1.3-1.19 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • AND rsync-3.1.0-13.13.3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND rsync is affected
  • OR Package Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • AND rsync-3.1.0-13.13.3 is installed
    • BACK