subject:"Bug#365614\: rsync\: Integer overflow in the receive_xattr function \(remote exploit\)"

Bug#365614: rsync: Integer overflow in the receive_xattr function (remote exploit)

2006-05-01 Thread Paul Slootman

On Mon 01 May 2006, Jay Kline wrote: > Package: rsync > Version: 2.6.4-6 > Severity: grave > Tags: security > Justification: user security hole > > > Integer overflow in the receive_xattr function in the extended > attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers > to exec

Bug#365614: rsync: Integer overflow in the receive_xattr function (remote exploit)

2006-05-01 Thread Jay Kline

Package: rsync Version: 2.6.4-6 Severity: grave Tags: security Justification: user security hole Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that tr