Vulnerability CVE-2007-6199

Vulnerability Name:

CVE-2007-6199 (CCN-38784)

Assigned:

2007-11-28

Published:

2007-11-28

Updated:

2018-10-15

Summary:

rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.

CVSS v3 Severity:

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

1.9 Low (CCN CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N)
1.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-16

Vulnerability Consequences:

Gain Privileges

References:

Source: MITRE
Type: CNA
CVE-2007-6199

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-07-31

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:001

Source: CCN
Type: rsync Web site
Daemon security fix in 3.0.0pre6 (with a patch for 2.6.9) + one more advisory

Source: CONFIRM
Type: UNKNOWN
http://rsync.samba.org/security.html#s3_0_0

Source: SECUNIA
Type: UNKNOWN
27853

Source: CCN
Type: SA27863
rsync Two Security Bypass Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
27863

Source: SECUNIA
Type: UNKNOWN
28412

Source: SECUNIA
Type: UNKNOWN
28457

Source: CCN
Type: SA31326
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
31326

Source: SECUNIA
Type: UNKNOWN
61005

Source: CCN
Type: SECTRACK ID: 1019012
Rsync Bugs Let Users Bypass Chroot and Exclude/Filter Access Controls

Source: SECTRACK
Type: UNKNOWN
1019012

Source: CCN
Type: Apple Web site
About Security Update 2008-005

Source: CONFIRM
Type: UNKNOWN
http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15549.html

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:011

Source: CCN
Type: OSVDB ID: 39594
rsync Unspecified Restricted File Remote Access

Source: BUGTRAQ
Type: UNKNOWN
20080212 FLEA-2008-0004-1 rsync

Source: BID
Type: Patch
26638

Source: CCN
Type: BID-26638
Rsync Use Chroot Insecure File Creation Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2007-4057

Source: VUPEN
Type: UNKNOWN
ADV-2008-2268

Source: XF
Type: UNKNOWN
rsync-usechroot-security-bypass(38784)

Source: SUSE
Type: SUSE-SR:2008:001
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*

OR cpe:/o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*

OR cpe:/o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*

OR cpe:/o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*

OR cpe:/o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*

OR cpe:/o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*

OR cpe:/o:slackware:slackware_linux:12.0:*:*:*:*:*:*:*

AND

cpe:/a:rsync:rsync:2.3.1:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.3.2:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.3.2_1.2alpha:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.3.2_1.2arm:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.3.2_1.2intel:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.3.2_1.2m68k:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.3.2_1.2ppc:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.3.2_1.2sparc:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.3.2_1.3:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.4.0:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.4.1:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.4.3:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.4.4:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.4.5:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.4.6:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.4.8:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.5.0:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.5.1:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.5.2:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.5.3:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.5.4:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.5.5:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.5.6:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.5.7:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.6:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.6.1:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.6.2:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.6.5:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.6.6:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.6.7:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.6.8:*:*:*:*:*:*:*

OR cpe:/a:rsync:rsync:2.6.9:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20076199	V	CVE-2007-6199	2022-06-30
oval:org.opensuse.security:def:42434	P	Security update for cyrus-sasl (Important)	2022-04-13
oval:org.opensuse.security:def:113347	P	rsync-3.2.3-2.6 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31753	P	Security update for net-snmp (Important)	2022-01-05
oval:org.opensuse.security:def:31754	P	Security update for libsndfile (Important)	2022-01-05
oval:org.opensuse.security:def:31371	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:106754	P	Security update for glib-networking (Important)	2021-12-10
oval:org.opensuse.security:def:26178	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:31711	P	Security update for ruby2.1 (Important)	2021-12-01
oval:org.opensuse.security:def:31714	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:31297	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:26153	P	Security update for git (Low)	2021-10-20
oval:org.opensuse.security:def:32207	P	Security update for util-linux (Moderate)	2021-10-19
oval:org.opensuse.security:def:32208	P	Security update for strongswan (Important)	2021-10-19
oval:org.opensuse.security:def:31286	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:31285	P	Security update for MozillaFirefox (Important)	2021-10-15
oval:org.opensuse.security:def:42225	P	Security update for the Linux Kernel (Important)	2021-10-12
oval:org.opensuse.security:def:26144	P	Security update for libqt5-qtsvg (Moderate)	2021-10-11
oval:org.opensuse.security:def:26121	P	Security update for ntfs-3g_ntfsprogs (Important)	2021-09-07
oval:org.opensuse.security:def:32990	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:26100	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:32159	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:26086	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:32951	P	Security update for xterm (Important)	2021-06-18
oval:org.opensuse.security:def:36287	P	rsync-3.0.4-2.47.28 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42694	P	rsync-3.0.4-2.47.28 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32105	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:32103	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:31190	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:26047	P	Security update for xen (Important)	2021-05-12
oval:org.opensuse.security:def:26040	P	Security update for gdm (Important)	2021-04-28
oval:org.opensuse.security:def:32063	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32061	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32269	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:26206	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:31739	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:31322	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:32247	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:32120	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:31652	P	Security update for openssh (Moderate)	2021-01-05
oval:org.opensuse.security:def:42043	P	rsync-3.0.4-2.33.82 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35818	P	rsync-3.0.4-2.38.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:36027	P	rsync-3.0.4-2.47.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35636	P	rsync-3.0.4-2.33.82 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31558	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:32000	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:31116	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31471	P	Security update for ppp (Moderate)	2020-12-01
oval:org.opensuse.security:def:31819	P	Security update for augeas (Moderate)	2020-12-01
oval:org.opensuse.security:def:32562	P	libpoppler-glib4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31595	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:31951	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:31493	P	Security update for python	2020-12-01
oval:org.opensuse.security:def:31839	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:32507	P	evolution-data-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33250	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25263	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:25613	P	Security update for libsolv (Moderate)	2020-12-01
oval:org.opensuse.security:def:25905	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26636	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25380	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25710	P	Security update for log4j (Important)	2020-12-01
oval:org.opensuse.security:def:26782	P	man on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25577	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25861	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26352	P	Security update for Mozilla Thunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:25836	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:26413	P	Security update for go1.8 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26568	P	java-1_6_0-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31858	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:32601	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32743	P	logrotate on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31494	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:31803	P	Security update for amanda (Moderate)	2020-12-01
oval:org.opensuse.security:def:32313	P	Security update for quagga (Important)	2020-12-01
oval:org.opensuse.security:def:31971	P	Security update for jakarta-commons-collections (Moderate)	2020-12-01
oval:org.opensuse.security:def:32363	P	Security update for sudo (Moderate)	2020-12-01
oval:org.opensuse.security:def:32529	P	gzip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25187	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:25391	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:25764	P	Security update for webkitgtk (Moderate)	2020-12-01
oval:org.opensuse.security:def:25919	P	Security update for libplist (Moderate)	2020-12-01
oval:org.opensuse.security:def:25444	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:25794	P	Security update for libssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:26817	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25588	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25918	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26255	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26990	P	mipv6d on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25837	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:26466	P	Security update for irssi (Important)	2020-12-01
oval:org.opensuse.security:def:26612	P	man on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31104	P	Security update for the SUSE Linux Enterprise 11 SP3 Kernel for Teradata (Important)	2020-12-01
oval:org.opensuse.security:def:31880	P	Security update for dhcpcd (Important)	2020-12-01
oval:org.opensuse.security:def:32039	P	Security update for kernel modules packages (Moderate)	2020-12-01
oval:org.opensuse.security:def:32782	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31505	P	Security update for python27 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31860	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:32419	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:32573	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25188	P	Security update for texlive (Moderate)	2020-12-01
oval:org.opensuse.security:def:25472	P	Security update for apache2-mod_perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:25817	P	Security update for pidgin-otr (Important)	2020-12-01
oval:org.opensuse.security:def:25963	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:25368	P	Security update for libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:25572	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:25945	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:25652	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:26002	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26294	P	Security update for bluez (Important)	2020-12-01
oval:org.opensuse.security:def:27025	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25848	P	Security update for flex, at, bogofilter, cyrus-imapd, kdelibs4, libQtWebKit4, libbonobo, mdbtools, netpbm, openslp, sgmltool, virtuoso, libqt5-qtwebkit (Moderate)	2020-12-01
oval:org.opensuse.security:def:26515	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27250	P	ofed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31105	P	Security update for kernel-source (Important)	2020-12-01
oval:org.opensuse.security:def:31414	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:31770	P	Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Important)	2020-12-01
oval:org.opensuse.security:def:31924	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:31503	P	Security update for python27 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31895	P	Security update for MozillaFirefox, mozilla-nspr (Important)	2020-12-01
oval:org.opensuse.security:def:31579	P	Security update for supportutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:31947	P	Security update for gpg2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31765	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32468	P	Security update for xorg-x11-libs (Moderate)	2020-12-01
oval:org.opensuse.security:def:33211	P	nagios-nrpe on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25199	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25529	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25866	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26601	P	libsamplerate on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25369	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25653	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25998	P	Security update for libreoffice (Important)	2020-12-01
oval:org.opensuse.security:def:25576	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25780	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:26308	P	Security update for python modules (Low)	2020-12-01
oval:org.opensuse.security:def:25912	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:26262	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26554	P	ghostscript-fonts-other on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27285	P	rsync on GA media (Moderate)	2020-12-01

BACK