81 matches found
The vulnerability of the rsyncd utility for transferring and synchronizing Rsync files allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the rsyncd utility for transferring and synchronizing Rsync files involves the generation of invalid tokens and checksums during the copying process. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the `-safe-links` configuration in the rsyncd daemon’s utility for transferring and synchronizing files allows a hacker to write arbitrary files.
The vulnerability of the -safe-links configuration in the rsyncd daemon’s utility for transferring and synchronizing files involves bypassing the directory path check, resulting in the absence of symbolic link checks. Exploiting this vulnerability allows a remote attacker to write arbitrary files...
The vulnerability of the rsyncd utility for transferring and synchronizing Rsync files allows a attacker to bypass ASLR protection and gain unauthorized access to protected information.
The vulnerability of the rsyncd utility for transferring and synchronizing Rsync files is related to the execution of operations outside the buffer boundaries in memory, as a result of incorrect comparison of file checksums. Exploiting this vulnerability can allow an attacker to bypass ASLR...
The vulnerability in the `-inc-recursive` configuration of the rsyncd daemon’s utility for transferring and synchronizing files allows a attacker to write arbitrary files.
The vulnerability of the -inc-recursive configuration of the rsyncd daemon, a utility for transferring and synchronizing files, involves traversing directory paths without checking for symbolic links, along with checks for duplication. Exploiting this vulnerability allows an attacker to write...
SUSE CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
AZL-55691 CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
AZL-55646 CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer. Rapid7 Analysis...
ALPINE-CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
DEBIAN-CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
CVE-2024-12084 Rsync: heap buffer overflow in rsync due to improper checksum length handling
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
CVE-2024-12084 Rsync: heap buffer overflow in rsync due to improper checksum length handling
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
CVE-2024-12085
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
CVE-2024-12085
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
CVE-2024-12085
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
CVE-2024-12085
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. Mitigation Seei...
CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer. Mitigation Red Hat...
Amazon Linux 2023 : rsync, rsync-daemon (ALAS2023-2025-800)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-800 advisory. Placeholder CVE. Details forthcoming CVE-2024-12085 Placeholder CVE. Details forthcoming CVE-2024-12086 Placeholder CVE. Details forthcoming CVE-2024-12087 Placeholder CVE. Details forthcoming...