CVE-2008-1720

N/A Unknown
Published: April 10, 2008 Modified: April 23, 2026
View on NVD

Description

Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
Source: secalert@redhat.com
http://marc.info/?l=bugtraq&m=125017764422557&w=2
Source: secalert@redhat.com
http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff
Source: secalert@redhat.com
Patch
http://samba.anu.edu.au/rsync/security.html#s3_0_2
Source: secalert@redhat.com
Patch
http://secunia.com/advisories/29668
Source: secalert@redhat.com
http://secunia.com/advisories/29770
Source: secalert@redhat.com
http://secunia.com/advisories/29777
Source: secalert@redhat.com
http://secunia.com/advisories/29781
Source: secalert@redhat.com
http://secunia.com/advisories/29788
Source: secalert@redhat.com
http://secunia.com/advisories/29856
Source: secalert@redhat.com
http://secunia.com/advisories/29861
Source: secalert@redhat.com
http://security.gentoo.org/glsa/glsa-200804-16.xml
Source: secalert@redhat.com
http://sourceforge.net/project/shownotes.php?release_id=591462&group_id=69227
Source: secalert@redhat.com
http://www.debian.org/security/2008/dsa-1545
Source: secalert@redhat.com
http://www.mail-archive.com/rsync-announce%40lists.samba.org/msg00057.html
Source: secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDVSA-2008:084
Source: secalert@redhat.com
http://www.osvdb.org/44368
Source: secalert@redhat.com
http://www.osvdb.org/44369
Source: secalert@redhat.com
http://www.securityfocus.com/bid/28726
Source: secalert@redhat.com
http://www.securitytracker.com/id?1019835
Source: secalert@redhat.com
http://www.vupen.com/english/advisories/2008/1191/references
Source: secalert@redhat.com
http://www.vupen.com/english/advisories/2008/1215/references
Source: secalert@redhat.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/41766
Source: secalert@redhat.com
https://usn.ubuntu.com/600-1/
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00237.html
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00247.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=bugtraq&m=125017764422557&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://samba.anu.edu.au/rsync/security.html#s3_0_2
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://secunia.com/advisories/29668
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/29770
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/29777
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/29781
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/29788
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/29856
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/29861
Source: af854a3a-2127-422b-91ae-364da2661108
http://security.gentoo.org/glsa/glsa-200804-16.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://sourceforge.net/project/shownotes.php?release_id=591462&group_id=69227
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2008/dsa-1545
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mail-archive.com/rsync-announce%40lists.samba.org/msg00057.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2008:084
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/44368
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/44369
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/28726
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1019835
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/1191/references
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/1215/references
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/41766
Source: af854a3a-2127-422b-91ae-364da2661108
https://usn.ubuntu.com/600-1/
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00237.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00247.html
Source: af854a3a-2127-422b-91ae-364da2661108

52 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
8.4%
92th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

samba

Related CVEs

CVE-2026-42615 7.2
CVE-2026-23773 4.3
CVE-2026-40560 N/A
CVE-2026-7363 N/A
CVE-2026-7361 N/A