CyberSec.Space Logo
Back to CVE Browser

CVE-2017-16548

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0070%
EPSS Percentile29.10th
PublishedNov 6, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon.

Affected Platforms (CPE)

πŸ“¦
Samba

Rsync

> 2.6.9 and <= 3.1.2
πŸ’»
Canonical

Ubuntu Linux

= 12.04
πŸ’»
Canonical

Ubuntu Linux

= 14.04
πŸ’»
Canonical

Ubuntu Linux

= 16.04
πŸ’»
Canonical

Ubuntu Linux

= 17.10
πŸ’»
Debian

Debian Linux

= 7.0
πŸ’»
Debian

Debian Linux

= 8.0
πŸ’»
Debian

Debian Linux

= 9.0

References & Advisories

πŸ”— https://bugzilla.samba.org/show_bug.cgi?id=13112
πŸ”— https://git.samba.org/rsync.git/?p=rsync.git%3Ba=commit%3Bh=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1
πŸ”— https://lists.debian.org/debian-lts-announce/2017/12/msg00020.html
πŸ”— https://usn.ubuntu.com/3543-1/
πŸ”— https://usn.ubuntu.com/3543-2/
πŸ”— https://www.debian.org/security/2017/dsa-4068
πŸ”— https://bugzilla.samba.org/show_bug.cgi?id=13112
πŸ”— https://git.samba.org/rsync.git/?p=rsync.git%3Ba=commit%3Bh=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1

Related Vulnerabilities

CVE-2007-620010.0

Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclu...

CVE-2015-093210.0

The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, ...

CVE-2002-004810.0

Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allo...

CVE-2019-34639.8

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should...