90 matches found
Debian dla-4015 : rsync - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4015 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4015-2 [email protected] https://www.debian.org/lts/security/...
K5165: rsync directory traversal vulnerability CAN-2004-0792
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
rsync security and enhancement update
3.1.3-19 - Resolves: 2116668 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field 3.1.3-18 - Resolves: 2111175 - remote arbitrary files write inside the directories of connecting peers 3.1.3-17 - Related: 2043753 - New option should...
MGASA-2022-0302 Updated rsync packages fix security vulnerability
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
OESA-2022-1853 rsync security update
Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...
DLA-2833-1 rsync - security update
Bulletin has no description...
EUVD-2019-13103
Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...
SUSE-SU-2018:0117-1 Security update for rsync
This update for rsync fixes the following issues: Security issues fixed: - CVE-2017-17434: The daemon in rsync did not check for fnamecmp filenames in the daemonfilterlist data structure in the recvfiles function in receiver.c and also did not apply the sanitizepaths protection mechanism to...
SUSE-SU-2018:0118-1 Security update for rsync
This update for rsync fixes several issues. These security issues were fixed: - CVE-2017-17434: The daemon in rsync did not check for fnamecmp filenames in the daemonfilterlist data structure in the recvfiles function in receiver.c and also did not apply the sanitizepaths protection mechanism to...
DSA-4068-1 rsync - security update
Bulletin has no description...
SUSE-SU-2016:1866-1 Security update for rsync
rsync was updated to fix one security issue. - CVE-2014-9512: rsync allowed remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path bsc915410...
SUSE-SU-2016:0176-1 Security update for rsync
This update for rsync fixes two security issues: - CVE-2014-8242: Checksum collisions leading to a denial of service bsc900914 - CVE-2014-9512: Malicious servers could send files outside of the transferred directory bsc915410...
SUSE-SU-2016:0173-1 Security update for rsync
This update for rsync fixes two security issues and two non-security bugs. The following vulnerabilities were fixed: - CVE-2014-8242: Checksum collisions leading to a denial of service bsc900914 - CVE-2014-9512: Malicious servers could send files outside of the transferred directory bsc915410 The...
Slackware: Security Advisory (SSA:2004-285-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: rsync security, bug fix, and enhancement update
An updated rsync package that fixes one security issue, several bugs, and adds enhancements is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...
CVE-2007-6199
rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy...
[slackware-security] rsync
New rsync 2.6.3 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to a fix security issue when rsync is run as a non-chrooted server. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database:...
Moderate: Red Hat Security Advisory: rsync security update
An updated rsync package that fixes a path sanitizing bug is now available. The rsync program synchronizes files over a network. Versions of rsync up to and including version 2.6.2 contain a path sanitization issue. This issue could allow an attacker to read or write files outside of the rsync...
Fedora Core 1 : rsync-2.5.7-5.fc1.1 (2004-268)
This update backports a security fix to a path-sanitizing flaw that affects rsync when it is used in daemon mode without also using chroot. For more information see http://samba.org/rsync/securityaug04 Note that Tenable Network Security has extracted the preceding description block directly from...