Launchpad.net

CVE 2007-6199

rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.

Related bugs and status

CVE-2007-6199 (Candidate) is related to these bugs:

Bug #174133: [CVE-2007-6199 and CVE-2007-6200] rsync is vulnerable

Summary				In	Importance	Status
	174133	[CVE-2007-6199 and CVE-2007-6200] rsync is vulnerable		rsync (Ubuntu)	High	Fix Released
	174133	[CVE-2007-6199 and CVE-2007-6200] rsync is vulnerable		rsync (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://rsync.samba.org...
BID: 26638
SECTRACK: 1019012
SECUNIA: 27863
CONFIRM: http://wiki.rpath.com/...
SECUNIA: 27853
MANDRIVA: MDVSA-2008:011
SUSE: SUSE-SR:2008:001
SECUNIA: 28412
SECUNIA: 28457
APPLE: APPLE-SA-2008-07-31
SECUNIA: 31326
VUPEN: ADV-2007-4057
VUPEN: ADV-2008-2268
CONFIRM: http://support.f5.com/...
SECUNIA: 61005
BUGTRAQ: 20080212 FLEA-2008-000...