Lucene search
GoogleOSV:DSA-3130-1HistoryJan 16, 2015 - 12:00 a.m.
lsyncd - security update
2015-01-1600:00:00
Google
osv.dev
6
0.005 Low
EPSS
Percentile
77.2%
It was discovered that lsyncd, a daemon to synchronize local directories
using rsync, performed insufficient sanitising of filenames which might
result in the execution of arbitrary commands.
For the stable distribution (wheezy), this problem has been fixed in
version 2.0.7-3+deb7u1.
For the upcoming stable distribution (jessie), this problem has been
fixed in version 2.1.5-2.
For the unstable distribution (sid), this problem has been fixed in
version 2.1.5-2.
We recommend that you upgrade your lsyncd packages.
References
Related
prion
prion
Code injection
2014-12-05 16:59:00
nessus
nessus
Fedora 20 : lsyncd-2.1.4-4.fc20.1 (2014-15393)
2014-12-03 00:00:00
GLSA-201702-05 : Lsyncd: Remote execution of arbitrary code
2017-02-13 00:00:00
Debian DSA-3130-1 : lsyncd - security update
2015-01-19 00:00:00
openvas
openvas
Fedora Update for lsyncd FEDORA-2014-15338
2015-01-05 00:00:00
Fedora Update for lsyncd FEDORA-2014-15373
2014-12-03 00:00:00
Fedora Update for lsyncd FEDORA-2014-15393
2014-12-03 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: lsyncd-2.1.5-6.fc21
2014-12-06 10:10:03
[SECURITY] Fedora 20 Update: lsyncd-2.1.4-4.fc20.1
2014-12-03 01:00:59
[SECURITY] Fedora 19 Update: lsyncd-2.1.4-4.fc19.1
2014-12-03 01:04:35
ubuntucve
ubuntucve
CVE-2014-8990
2014-12-05 00:00:00
debian
debian
[SECURITY] [DSA 3130-1] lsyncd security update
2015-01-16 22:05:06
nvd
nvd
CVE-2014-8990
2014-12-05 16:59:11
gentoo
gentoo
Lsyncd: Remote execution of arbitrary code
2017-02-10 00:00:00
debiancve
debiancve
CVE-2014-8990
2014-12-05 16:59:11
cvelist
cvelist
CVE-2014-8990
2014-12-05 16:00:00
cve
cve
CVE-2014-8990
2014-12-05 16:59:11