Author Topic: Rsync Vulnerabilities  (Read 356 times)


SiliconWizard (topic starter)
Rsync Vulnerabilities
« on: January 18, 2025, 04:17:27 am »
 

golden_labels
Re: Rsync Vulnerabilities
« Reply #1 on: January 18, 2025, 05:44:12 am »
Update to 3.4.1, not 3.4.0. One of the original fixes introduced a new bug.

Also don’t panic. This vulnerability set is a huge pain to those affected. However, only a very small portion of users is exposed.

Naked, anonymous rsync servers are nowadays used primarily for content dissemination. In other cases it’s tunneled over SSH and requires authentication. Even the vulnerable instances, if run on a reasonably well configured system, are containerized.

I suspect we will see a rise in botnet sizes, eagerly eating unupdated mirrors. But not much more at a large scale. It’s not like the world is devastated because of how ubiquitous rsync is.




« Last Edit: January 18, 2025, 05:51:38 am by golden_labels »
People imagine AI as T1000. What we got so far is glorified T9.
 
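As an added example that is not from the thread or the rsync project: the two checks golden_labels' post implies a mirror operator would want, written as a small POSIX sh script. It parses the local `rsync --version` banner and compares it against 3.4.1 (the version the post says to update to), and it reports whether anything is listening on TCP 873, i.e. whether this host is one of the "naked" rsync daemons rather than only reachable over SSH. Assumptions: the banner's first line starts with `rsync  version X.Y.Z`, and `ss(8)` is available for the listener check; `MIN_RSYNC_VERSION`, `version_ge` and `rsync_needs_update` are names chosen here, not anything from rsync.

```shell
#!/bin/sh
# Added example for this thread, not code from the rsync project or any poster.
# 1. Is the installed rsync at least 3.4.1 (the post says 3.4.0's fix
#    introduced a new bug, so 3.4.1 is the floor)?
# 2. Is a "naked" rsync daemon bound to tcp/873 on this host, or is rsync only
#    ever reached over SSH here?
# Assumptions: `rsync --version` begins with "rsync  version X.Y.Z", and ss(8)
# exists for the listener check.

MIN_RSYNC_VERSION=3.4.1   # from the post; raise it when a newer fix lands

# rsync_version_from_banner BANNER
#   Prints the dotted version from the first line of `rsync --version`,
#   or nothing if the line does not look like rsync's banner.
rsync_version_from_banner() {
    printf '%s\n' "$1" | sed -n 's/^rsync *version *\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# version_ge A B
#   Exit 0 when dotted version A >= B, compared numerically per component.
#   Missing components count as 0, so 3.4 < 3.4.1 while 3.5 > 3.4.1.
version_ge() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        case "$a" in *.*) a=${a#*.} ;; *) a= ;; esac
        case "$b" in *.*) b=${b#*.} ;; *) b= ;; esac
        x=${x:-0}; y=${y:-0}
        if [ "$x" -gt "$y" ]; then return 0; fi
        if [ "$x" -lt "$y" ]; then return 1; fi
    done
    return 0
}

# rsync_needs_update BANNER
#   Exit 0 when the banner's version is below MIN_RSYNC_VERSION or unparseable.
rsync_needs_update() {
    v=$(rsync_version_from_banner "$1")
    [ -n "$v" ] || return 0
    if version_ge "$v" "$MIN_RSYNC_VERSION"; then return 1; fi
    return 0
}

# rsync_daemon_listening
#   Exit 0 when a TCP listener is bound to port 873 (the rsync daemon port),
#   1 when none is, 2 when ss(8) is missing so "unknown" is distinguishable.
rsync_daemon_listening() {
    command -v ss >/dev/null 2>&1 || return 2
    ss -ltn 2>/dev/null | awk 'NR > 1 && $4 ~ /:873$/ { found = 1 } END { exit found ? 0 : 1 }'
}

report() {
    if command -v rsync >/dev/null 2>&1; then
        banner=$(rsync --version 2>/dev/null | head -n 1)
        v=$(rsync_version_from_banner "$banner")
        if rsync_needs_update "$banner"; then
            echo "rsync: ${v:-unknown} installed, below $MIN_RSYNC_VERSION: update"
        else
            echo "rsync: $v installed, at or above $MIN_RSYNC_VERSION"
        fi
    else
        echo "rsync: not installed"
    fi
    rc=0
    rsync_daemon_listening || rc=$?
    case $rc in
        0) echo "daemon: listener on tcp/873 (exposed unless firewalled)" ;;
        1) echo "daemon: nothing on tcp/873 (rsync only over ssh, or not serving)" ;;
        *) echo "daemon: ss(8) not available, could not check" ;;
    esac
}

report
```

Run it as-is on a mirror host; a "below 3.4.1" line together with a tcp/873 listener is exactly the combination the post describes as the exposed population. Distribution packages sometimes backport the fix without bumping the upstream version, so treat a "below" result from a packaged rsync as a prompt to check the package changelog rather than as proof of exposure.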

SiliconWizard (topic starter)
Re: Rsync Vulnerabilities
« Reply #2 on: January 18, 2025, 06:54:46 am »
Ah yes, the initial fix was apparently fun. I have looked at the original source code, but not at the fix in 3.4.0 yet - curious to see what they did here.

Yes, it's not too bad in practice. But the case is interesting.
 

DiTBho
Re: Rsync Vulnerabilities
« Reply #3 on: January 18, 2025, 10:33:14 am »
Running a 2009 version :o :o :o
The opposite of courage is not cowardice, it is conformity. Even a dead fish can go with the flow
 

DiTBho
Re: Rsync Vulnerabilities
« Reply #4 on: January 18, 2025, 10:36:35 am »
My only use case:
Gentoo: emerge --sync
to update Portage.

No panic.
The opposite of courage is not cowardice, it is conformity. Even a dead fish can go with the flow
 

golden_labels
Re: Rsync Vulnerabilities
« Reply #5 on: January 18, 2025, 03:47:35 pm »
Quote from: SiliconWizard on January 18, 2025, 06:54:46 am
Yes, it's not too bad in practice. But the case is interesting.

I’d say it’s in that weird quadrant of bad, where staph also sits.

My post was mostly meant to counter news reports, which just copy paste data from Shodan in an attempt to make headlines more scary.
People imagine AI as T1000. What we got so far is glorified T9.
 

