What is the severity of CVE-2007-6199?

CVE-2007-6199 has a moderate severity rating due to its potential to allow remote access to restricted files.

How do I fix CVE-2007-6199?

To fix CVE-2007-6199, upgrade rsync to version 3.0.0pre6 or later and ensure the rsync daemon is running with a chroot environment.

What systems are affected by CVE-2007-6199?

CVE-2007-6199 affects rsync versions before 3.0.0pre6 on various Linux distributions including Slackware.

What type of attack does CVE-2007-6199 facilitate?

CVE-2007-6199 facilitates attacks that exploit the ability to create symbolic links, potentially allowing unauthorized file access.

Is CVE-2007-6199 still a concern today?

While CVE-2007-6199 pertains to older versions of rsync, environments using outdated software may still be vulnerable.

Vulnerability/
CVE-2007-6199

critical

9.3

CWE

1/12/2007

15/10/2018

CVE-2007-6199

First published: Sat Dec 01 2007(Updated: )

rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Slackware Linux	=8.1
Slackware Linux	=9.0
Slackware Linux	=9.1
Slackware Linux	=10.0
Slackware Linux	=10.1
Slackware Linux	=10.2
Slackware Linux	=11.0
Slackware Linux	=12.0
rsync rsync	=2.3.1
rsync rsync	=2.3.2
rsync rsync	=2.3.2_1.2alpha
rsync rsync	=2.3.2_1.2arm
rsync rsync	=2.3.2_1.2intel
rsync rsync	=2.3.2_1.2m68k
rsync rsync	=2.3.2_1.2ppc
rsync rsync	=2.3.2_1.2sparc
rsync rsync	=2.3.2_1.3
rsync rsync	=2.4.0
rsync rsync	=2.4.1
rsync rsync	=2.4.3
rsync rsync	=2.4.4
rsync rsync	=2.4.5
rsync rsync	=2.4.6
rsync rsync	=2.4.8
rsync rsync	=2.5.0
rsync rsync	=2.5.1
rsync rsync	=2.5.2
rsync rsync	=2.5.3
rsync rsync	=2.5.4
rsync rsync	=2.5.5
rsync rsync	=2.5.6
rsync rsync	=2.5.7
rsync rsync	=2.6
rsync rsync	=2.6.1
rsync rsync	=2.6.2
rsync rsync	=2.6.5
rsync rsync	=2.6.6
rsync rsync	=2.6.7
rsync rsync	=2.6.8
rsync rsync	=2.6.9

Remedy

http://www.securityfocus.com/bid/26638

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-6199?
CVE-2007-6199 has a moderate severity rating due to its potential to allow remote access to restricted files.
How do I fix CVE-2007-6199?
To fix CVE-2007-6199, upgrade rsync to version 3.0.0pre6 or later and ensure the rsync daemon is running with a chroot environment.
What systems are affected by CVE-2007-6199?
CVE-2007-6199 affects rsync versions before 3.0.0pre6 on various Linux distributions including Slackware.
What type of attack does CVE-2007-6199 facilitate?
CVE-2007-6199 facilitates attacks that exploit the ability to create symbolic links, potentially allowing unauthorized file access.
Is CVE-2007-6199 still a concern today?
While CVE-2007-6199 pertains to older versions of rsync, environments using outdated software may still be vulnerable.

collector/nvd-historical
agent/type
agent/event
agent/first-publish-date
agent/last-modified-date
agent/remedy
agent/weakness
agent/severity
agent/references
agent/author
agent/description
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/slackware
canonical/slackware linux
version/slackware linux/8.1
version/slackware linux/9.0
version/slackware linux/9.1
version/slackware linux/10.0
version/slackware linux/10.1
version/slackware linux/10.2
version/slackware linux/11.0
version/slackware linux/12.0
vendor/rsync
canonical/rsync rsync
version/rsync rsync/2.3.1
version/rsync rsync/2.3.2
version/rsync rsync/2.3.2_1.2alpha
version/rsync rsync/2.3.2_1.2arm
version/rsync rsync/2.3.2_1.2intel
version/rsync rsync/2.3.2_1.2m68k
version/rsync rsync/2.3.2_1.2ppc
version/rsync rsync/2.3.2_1.2sparc
version/rsync rsync/2.3.2_1.3
version/rsync rsync/2.4.0
version/rsync rsync/2.4.1
version/rsync rsync/2.4.3
version/rsync rsync/2.4.4
version/rsync rsync/2.4.5
version/rsync rsync/2.4.6
version/rsync rsync/2.4.8
version/rsync rsync/2.5.0
version/rsync rsync/2.5.1
version/rsync rsync/2.5.2
version/rsync rsync/2.5.3
version/rsync rsync/2.5.4
version/rsync rsync/2.5.5
version/rsync rsync/2.5.6
version/rsync rsync/2.5.7
version/rsync rsync/2.6
version/rsync rsync/2.6.1
version/rsync rsync/2.6.2
version/rsync rsync/2.6.5
version/rsync rsync/2.6.6
version/rsync rsync/2.6.7
version/rsync rsync/2.6.8
version/rsync rsync/2.6.9

Frequently Asked Questions

What is the severity of CVE-2007-6199?
CVE-2007-6199 has a moderate severity rating due to its potential to allow remote access to restricted files.
How do I fix CVE-2007-6199?
To fix CVE-2007-6199, upgrade rsync to version 3.0.0pre6 or later and ensure the rsync daemon is running with a chroot environment.
What systems are affected by CVE-2007-6199?
CVE-2007-6199 affects rsync versions before 3.0.0pre6 on various Linux distributions including Slackware.
What type of attack does CVE-2007-6199 facilitate?
CVE-2007-6199 facilitates attacks that exploit the ability to create symbolic links, potentially allowing unauthorized file access.
Is CVE-2007-6199 still a concern today?
While CVE-2007-6199 pertains to older versions of rsync, environments using outdated software may still be vulnerable.

CVE-2007-6199

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-6199?

How do I fix CVE-2007-6199?

What systems are affected by CVE-2007-6199?

What type of attack does CVE-2007-6199 facilitate?

Is CVE-2007-6199 still a concern today?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2007-6199?

How do I fix CVE-2007-6199?

What systems are affected by CVE-2007-6199?

What type of attack does CVE-2007-6199 facilitate?

Is CVE-2007-6199 still a concern today?