Summary

Security Advisory ID : BSA-2022-2074

Component : rsyncd

Revision : 1.0

CVE-2018-5764: The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism.

Base Score: 7.5 HIGH - Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVE-2017-16548: The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon.

Base Score: 9.8 CRITICAL - Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2017-17434: The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechanism to pathnames found in "xname follows" strings (in the read_ndx_and_attrs function in rsync.c), which allows remote attackers to bypass intended access restrictions.

Base Score: 9.8 CRITICALVector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Notes: Brocade Fabric OS does not utilize rsync as a daemon. Brocade Fabric OS is Not Affected by this vulnerability. Security updates are provided in Brocade Fabric OS version v9.1.0 to remove the vulnerable component.

Products Confirmed Not Vulnerable

No other Brocade Fibre Channel Products from Broadcom products are known to be affected by this vulnerability.

Solution

A security update was provided in Brocade Fabric OS v9.1.0 to remove the vulnerable components.

Revision History