19 matches found
Exploit for Heap-based Buffer Overflow in Samba Rsync
CVE-2024-120...
TencentOS Server 4: rsync (TSSA-2025:0040)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0040 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Advisory ROSA-SA-2025-2976
Software: rsync 3.4.1 OS: ROSA-CHROME unaffected versions = rsync-3.4.1-1 affected versions rsync-3.4.1-1 CVE-ID: CVE-2024-12084 BDU-ID: 2025-00378 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the rsyncd daemon of the Rsync file transfer and synchronization utility is related to an operation...
Azure Linux 3.0 Security Update: rsync (CVE-2024-12084)
The version of rsync installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12084 advisory. - A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of...
CBL Mariner 2.0 Security Update: rsync (CVE-2024-12084)
The version of rsync installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12084 advisory. - A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of...
Mageia: Security Advisory (MGASA-2025-0019)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 4.0: Rsync PHSA-2025-4.0-0735
An update of the rsync package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0735. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Ubuntu: Security Advisory (USN-7206-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1
CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1
CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1. An upgraded version of the package is available that resolves this issue...
Fedora 40 : rsync (2025-73c1f25730)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-73c1f25730 advisory. New version 3.4.0. Contains fixes for CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747. Tenable has...
openSUSE: Security Advisory for rsync (SUSE-SU-2025:0118-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
CVE-2024-12084
CVE-2024-12084: Rsync daemon heap-based buffer overflow caused by improper handling of attacker-controlled checksum lengths (s2length). When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an out-of-bounds write to sum2 is possible. Public advisories confirm this bug affects rsync version...
CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
Debian: Security Advisory (DSA-5843-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-7206-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-12084
creationtimestamp| type| source ---|---|--- 2024-10-30 07:06:34+00:00| seen| https://git.samba.org/?p=rsync.git;a=commit;h=0902b52f6687b1f7952422080d50b93108742e53 2024-11-05 20:01:03+00:00| seen| https://git.samba.org/?p=rsync.git;a=commit;h=42e2b56c4ede3ab164f9a5c6dae02aa84606a6c1 2025-01-14...