Vulnerabilities > CVE-2008-1720 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samba Rsync
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Buffer Overflow via Environment Variables This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
- Overflow Buffers Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
- Client-side Injection-induced Buffer Overflow This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
- Filter Failure through Buffer Overflow In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
- MIME Conversion An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1545.NASL description Sebastian Krahmer discovered that an integer overflow in rsync last seen 2020-06-01 modified 2020-06-02 plugin id 31951 published 2008-04-17 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31951 title Debian DSA-1545-1 : rsync - integer overflow code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-1545. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(31951); script_version("1.15"); script_cvs_date("Date: 2019/08/02 13:32:21"); script_cve_id("CVE-2008-1720"); script_xref(name:"DSA", value:"1545"); script_name(english:"Debian DSA-1545-1 : rsync - integer overflow"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Sebastian Krahmer discovered that an integer overflow in rsync's code for handling extended attributes may lead to arbitrary code execution." ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2008/dsa-1545" ); script_set_attribute( attribute:"solution", value: "Upgrade the rsync package. For the stable distribution (etch), this problem has been fixed in version 2.6.9-2etch2." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_cwe_id(119); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:rsync"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0"); script_set_attribute(attribute:"patch_publication_date", value:"2008/04/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/04/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"4.0", prefix:"rsync", reference:"2.6.9-2etch2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-600-1.NASL description Sebastian Krahmer discovered that rsync could overflow when handling ACLs. An attacker could construct a malicious set of files that when processed by rsync could lead to arbitrary code execution or a crash. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 31966 published 2008-04-17 reporter Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31966 title Ubuntu 7.04 / 7.10 : rsync vulnerability (USN-600-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-600-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(31966); script_version("1.15"); script_cvs_date("Date: 2019/08/02 13:33:02"); script_cve_id("CVE-2008-1720"); script_xref(name:"USN", value:"600-1"); script_name(english:"Ubuntu 7.04 / 7.10 : rsync vulnerability (USN-600-1)"); script_summary(english:"Checks dpkg output for updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Ubuntu host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Sebastian Krahmer discovered that rsync could overflow when handling ACLs. An attacker could construct a malicious set of files that when processed by rsync could lead to arbitrary code execution or a crash. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/600-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected rsync package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_cwe_id(119); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:rsync"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.10"); script_set_attribute(attribute:"patch_publication_date", value:"2008/04/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/04/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! ereg(pattern:"^(7\.04|7\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 7.04 / 7.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"7.04", pkgname:"rsync", pkgver:"2.6.9-3ubuntu1.2")) flag++; if (ubuntu_check(osver:"7.10", pkgname:"rsync", pkgver:"2.6.9-5ubuntu1.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rsync"); }NASL family SuSE Local Security Checks NASL id SUSE_RSYNC-5207.NASL description A remotely exploitable heap overflow in rsync last seen 2020-06-01 modified 2020-06-02 plugin id 32120 published 2008-05-01 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/32120 title openSUSE 10 Security Update : rsync (rsync-5207) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update rsync-5207. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(32120); script_version ("1.8"); script_cvs_date("Date: 2019/10/25 13:36:33"); script_cve_id("CVE-2008-1720"); script_name(english:"openSUSE 10 Security Update : rsync (rsync-5207)"); script_summary(english:"Check for the rsync-5207 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "A remotely exploitable heap overflow in rsync's xattr code has been fixed. CVE-2008-1720 has been assigned to this issue." ); script_set_attribute(attribute:"solution", value:"Update the affected rsync package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_cwe_id(119); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rsync"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3"); script_set_attribute(attribute:"patch_publication_date", value:"2008/04/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/05/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE10.3", reference:"rsync-2.6.9-55.6") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rsync"); }NASL family Fedora Local Security Checks NASL id FEDORA_2008-3060.NASL description - Tue Apr 8 2008 Simo Sorce <ssorce at redhat.com> 2.6.9-6.fc7 - Security release: http://rsync.samba.org/security.html#s3_0_2 - Wed Sep 5 2007 Simo Sorce <ssorce at redhat.com> 2.6.9-3.fc7 - Add patch to fix crash bug with hardlinks and ACLs patches Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 31974 published 2008-04-18 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/31974 title Fedora 7 : rsync-2.6.9-6.fc7 (2008-3060) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-084.NASL description Sebastian Krahmer of SUSE discovered that rsync could overflow when handling ACLs. An attacker could construct a malicious set of files that, when processed, could lead to arbitrary code execution or a crash (CVE-2008-1720). The updated packages have been patched to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 36629 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/36629 title Mandriva Linux Security Advisory : rsync (MDVSA-2008:084) NASL family Fedora Local Security Checks NASL id FEDORA_2008-3047.NASL description - Tue Apr 8 2008 Simo Sorce <ssorce at redhat.com> 2.6.9-5.fc8 - Security release: http://rsync.samba.org/security.html#s3_0_2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 31972 published 2008-04-18 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/31972 title Fedora 8 : rsync-2.6.9-5.fc8 (2008-3047) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200804-16.NASL description The remote host is affected by the vulnerability described in GLSA-200804-16 (rsync: Execution of arbitrary code) Sebastian Krahmer of SUSE reported an integer overflow in the expand_item_list() function in the file util.c which might lead to a heap-based buffer overflow when extended attribute (xattr) support is enabled. Impact : A remote attacker could send a file containing specially crafted extended attributes to an rsync deamon, or entice a user to sync from an rsync server containing specially crafted files, possibly leading to the execution of arbitrary code. Please note that extended attributes are only enabled when USE= last seen 2020-06-01 modified 2020-06-02 plugin id 32009 published 2008-04-22 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/32009 title GLSA-200804-16 : rsync: Execution of arbitrary code
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 28726 CVE(CAN) ID: CVE-2008-1720 rsync是一个快速增量文件传输工具,用于在同一主机备份内部的备份。 rsync处理扩展属性数据时存在漏洞,如果rsync启用了扩展属性(xattr)支持的话,则负责处理该属性的代码中的整数溢出漏洞可能导致执行任意指令。 rsync rsync 2.6.9 - 3.0.1 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1545-1)以及相应补丁: DSA-1545-1:New rsync packages fix arbitrary code execution 链接:<a href=http://www.debian.org/security/2008/dsa-1545 target=_blank>http://www.debian.org/security/2008/dsa-1545</a> 补丁下载: Source archives: <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.dsc target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.dsc</a> Size/MD5 checksum: 566 6504d35182ed2141c8d7d2f8152d5fb7 <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9.orig.tar.gz target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9.orig.tar.gz</a> Size/MD5 checksum: 811841 996d8d8831dbca17910094e56dcb5942 <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.diff.gz target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.diff.gz</a> Size/MD5 checksum: 51039 2131acc598dbbe26f9b6f04c0a0d3f2b alpha architecture (DEC Alpha) <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_alpha.deb</a> Size/MD5 checksum: 294664 ea644ca8d37211ccbc1f8173e934d45a amd64 architecture (AMD x86_64 (AMD64)) <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_amd64.deb</a> Size/MD5 checksum: 272046 0d9e9576b24a245265f9a98d15ce3b0b hppa architecture (HP PA RISC) <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_hppa.deb</a> Size/MD5 checksum: 282552 dd5e17e39eeaa712287d166e3346bd7d i386 architecture (Intel ia32) <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_i386.deb</a> Size/MD5 checksum: 261454 b68ddd05ba2a02f7a5f6bd9cc7807a2e ia64 architecture (Intel ia64) <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_ia64.deb</a> Size/MD5 checksum: 356986 df80d4332478c019d540b07ac16c235f mips architecture (MIPS (Big Endian)) <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mips.deb</a> Size/MD5 checksum: 286532 21aeda2221c4b31c2f19296b58654222 mipsel architecture (MIPS (Little Endian)) <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mipsel.deb</a> Size/MD5 checksum: 287282 0c750c3cf7089ad7e7ea3d9d273df9b9 powerpc architecture (PowerPC) <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_powerpc.deb</a> Size/MD5 checksum: 275184 6d81a7a14422fd5bc7c89bd755320e80 s390 architecture (IBM S/390) <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_s390.deb</a> Size/MD5 checksum: 278828 5300915466913e7832a3649ba701d49e sparc architecture (Sun SPARC/UltraSPARC) <a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_sparc.deb</a> Size/MD5 checksum: 264144 885fc97a390e1db66290805c06e35947 补丁安装方法: 1. 手工安装补丁包: 首先,使用下面的命令来下载补丁软件: # wget url (url是补丁下载链接地址) 然后,使用下面的命令来安装补丁: # dpkg -i file.deb (file是相应的补丁名) 2. 使用apt-get自动安装补丁包: 首先,使用下面的命令更新内部数据库: # apt-get update 然后,使用下面的命令安装更新软件包: # apt-get upgrade rsync ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://samba.anu.edu.au/rsync/download.html target=_blank>http://samba.anu.edu.au/rsync/download.html</a> <a href=http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff target=_blank>http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff</a> |
| id | SSV:3171 |
| last seen | 2017-11-19 |
| modified | 2008-04-15 |
| published | 2008-04-15 |
| reporter | Root |
| title | Rsync xattr支持整数溢出漏洞 |
Statements
| contributor | Joshua Bressers |
| lastmodified | 2008-04-15 |
| organization | Red Hat |
| statement | Not vulnerable. This issue did not affect versions of rsync as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5. |
References
- http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff
- http://samba.anu.edu.au/rsync/security.html#s3_0_2
- http://sourceforge.net/project/shownotes.php?release_id=591462&group_id=69227
- http://www.debian.org/security/2008/dsa-1545
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:084
- http://secunia.com/advisories/29668
- http://secunia.com/advisories/29770
- http://secunia.com/advisories/29777
- http://secunia.com/advisories/29781
- http://www.securityfocus.com/bid/28726
- http://www.securitytracker.com/id?1019835
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00237.html
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00247.html
- http://security.gentoo.org/glsa/glsa-200804-16.xml
- http://www.osvdb.org/44368
- http://www.osvdb.org/44369
- http://secunia.com/advisories/29856
- http://secunia.com/advisories/29861
- http://secunia.com/advisories/29788
- http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
- http://marc.info/?l=bugtraq&m=125017764422557&w=2
- http://www.vupen.com/english/advisories/2008/1215/references
- http://www.vupen.com/english/advisories/2008/1191/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41766
- https://usn.ubuntu.com/600-1/
- http://www.mail-archive.com/rsync-announce%40lists.samba.org/msg00057.html