83 matches found
MiracleLinux 9 : rsync-3.2.3-9.el9.2 (AXSA:2022-4046:07)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4046:07 advisory. rsync: remote arbitrary files write inside the directories of connecting peers CVE-2022-29154 Tenable has extracted the preceding description block directly...
MiracleLinux 8 : rsync-3.1.3-14.el8.3 (AXSA:2022-3734:04)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3734:04 advisory. rsync: remote arbitrary files write inside the directories of connecting peers CVE-2022-29154 Tenable has extracted the preceding description block directly...
TencentOS Server 3: rsync (TSSA-2022:0153)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0153 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Security Bulletin: IBM Cloud Pak for Network Automation 2.6.5 fixes multiple security vulnerabilities
Summary IBM Cloud Pak for Network Automation 2.6.5 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2002-0080 DESCRIPTION: rsync could allow a remote attacker to gain elevated privileges on the system. rsync fails to drop privileges for...
Linux Distros Unpatched Vulnerability : CVE-2022-29154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The serv...
Photon OS 4.0: Rsync PHSA-2022-4.0-0223
An update of the rsync package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0223. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
GLSA-202405-22 : rsync: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202405-22 rsync: Multiple Vulnerabilities - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 - A flaw was found in rsync in versions since...
openSUSE: Security Advisory for rsync (SUSE-SU-2022:2959-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in Rsync [CVE-2022-29154]
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in Rsync, caused by improper validation of file names CVE-2022-29154. Rsync is used as a component of our Speech runtimes. This vulnerabilitiy has been addressed. Please read th...
Rocky Linux 9 : rsync (RLSA-2022:6181)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6181 advisory. - An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The...
Advisory ROSA-SA-2023-2230
Software: rsync 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: rsync-3.1.3.src.rpm CVE-ID: CVE-2018-25032 BDU-ID: 2022-01641 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could...
BELL-CVE-2022-29154 CVE-2022-29154 does not affect BellSoft software
Bulletin has no description...
Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2023-2402)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2023-2204)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2023-1729)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.0 : rsync (EulerOS-SA-2023-1729)
According to the versions of the rsync package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...
NewStart CGSL CORE 5.05 / MAIN 5.05 : rsync Vulnerability (NS-SA-2023-0010)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has rsync packages installed that are affected by a vulnerability: - An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The...
Security Bulletin: IBM Security Verify Access Appliance includes components with known vulnerabilities (CVE-2022-29154, CVE-2022-0391)
Summary Multiple Security Vulnerabilities were found in the IBM Security Verify Access ISVA Appliance Operating System layer. These vulnerabilities have been addressed in ISVA 10.0.5.0, which is linked below. Vulnerability Details CVEID:CVE-2022-29154 DESCRIPTION: Rsync could allow a remote...
Amazon Linux 2023 : rsync, rsync-daemon (ALAS2023-2023-002)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-002 advisory. An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating ex: when compressing if the input has many distant matches. For some rare inputs with a large numbe...
Ubuntu: Security Advisory (USN-5921-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...