2466 matches found
Rsync 安全漏洞
Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. A security vulnerability exists in Rsync that stems from a failure to properly validate whether a symbolic link target contains another symbolic link, leading to a path...
Rsync 安全漏洞
Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. Rsync has a security vulnerability that stems from improper checksum comparisons, resulting in the server being able to enumerate the contents of arbitrary files on the clien...
Rsync 安全漏洞
Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. A security vulnerability exists in Rsync versions prior to 3.4, which stems from the presence of a heap-based buffer overflow that allows an attacker to write out-of-bounds...
Rsync 缓冲区错误漏洞
Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. Rsync suffers from a buffer error vulnerability that stems from improper file checksum comparisons, which allows an attacker to manipulate the length of the checksum value an...
Rsync 安全漏洞
Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. A security vulnerability exists in Rsync that stems from a lack of proper symbolic link validation and de-duplication checking, where the server can write files to a location...
DLA-4015-1 rsync - security update
Bulletin has no description...
DSA-5843-1 rsync - security update
Bulletin has no description...
Amazon Linux 2023 : rsync, rsync-daemon (ALAS2023-2025-800)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-800 advisory. Placeholder CVE. Details forthcoming CVE-2024-12085 Placeholder CVE. Details forthcoming CVE-2024-12086 Placeholder CVE. Details forthcoming CVE-2024-12087 Placeholder CVE. Details forthcoming...
Debian dsa-5843 : rsync - security update
The remote Debian 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5843 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5843-2 [email protected] Debian Security Advisory...
Debian dla-4015 : rsync - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4015 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4015-2 [email protected] https://www.debian.org/lts/security/...
Slackware Linux 15.0 / current rsync Multiple Vulnerabilities (SSA:2025-014-01)
The version of rsync installed on the remote host is prior to 3.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-014-01 advisory. New rsync packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...
Amazon Linux 2 : rsync (ALAS-2025-2730)
The version of rsync installed on the remote host is prior to 3.1.2-11. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2730 advisory. Placeholder CVE. Details forthcoming CVE-2024-12085 Placeholder CVE. Details forthcoming CVE-2024-12086 Placeholder CVE...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : rsync vulnerabilities (USN-7206-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7206-1 advisory. Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly...
Rsync contains six vulnerabilities
Overview Rsync, a versatile file-synchronizing tool, contains six vulnerabilities present within versions 3.3.0 and below. Rsync can be used to sync files between remote and local computers, as well as storage devices. The discovered vulnerabilities include heap-buffer overflow, information leak,...
Advisory ROSA-SA-2025-2553
Software: rsync 3.1.2 OS: rosa-server79 packageevrstring: rsync-3.1.2-12.0.1.res7 CVE-ID: CVE-2017-16548 BDU-ID: 2021-01395 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the receivexattr function in xattrs.c of the Rsync file transfer and synchronization utility is related to the lack of a check f...
Important: rsync
Issue Overview: Placeholder CVE. Details forthcoming CVE-2024-12085 Placeholder CVE. Details forthcoming CVE-2024-12086 Placeholder CVE. Details forthcoming CVE-2024-12087 Placeholder CVE. Details forthcoming CVE-2024-12088 Placeholder CVE. Details forthcoming CVE-2024-12747 Affected Packages:...
Important: rsync
Issue Overview: Placeholder CVE. Details forthcoming CVE-2024-12085 Placeholder CVE. Details forthcoming CVE-2024-12086 Placeholder CVE. Details forthcoming CVE-2024-12087 Placeholder CVE. Details forthcoming CVE-2024-12088 Placeholder CVE. Details forthcoming CVE-2024-12747 Affected Packages:...
UBUNTU-CVE-2024-48943
A malicious RPKI rsync repository can prevent Fort from finishing its validation run by drip-feeding its content...
UBUNTU-CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...
UBUNTU-CVE-2024-12088
A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the...