CVE-2006-2083

N/A Unknown

Published: April 28, 2006 Modified: April 16, 2026

Description

Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://samba.anu.edu.au/ftp/rsync/rsync-2.6.8-NEWS

Source: secalert@redhat.com

http://secunia.com/advisories/19920

Source: secalert@redhat.com

http://secunia.com/advisories/19964

Source: secalert@redhat.com

http://secunia.com/advisories/20011

Source: secalert@redhat.com

http://www.gentoo.org/security/en/glsa/glsa-200605-05.xml

Source: secalert@redhat.com

http://www.securityfocus.com/bid/17788

Source: secalert@redhat.com

http://www.trustix.org/errata/2006/0024

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2006/1606

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/26208

Source: secalert@redhat.com

http://samba.anu.edu.au/ftp/rsync/rsync-2.6.8-NEWS