Lucene search
K

2466 matches found

UbuntuCve
UbuntuCve
added 2007/08/16 12:17 a.m.34 views

CVE-2007-4091

Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the fname function...

6.8CVSS7.6AI score0.03345EPSS
Exploits0References2
Snyk
Snyk
added 2007/08/16 12:17 a.m.3 views

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution. Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the fname function. Remediation...

6.8CVSS8.1AI score0.03345EPSS
Exploits0References2
OSV
OSV
added 2007/08/16 12:17 a.m.5 views

CVE-2007-4091

Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the fname function...

6.8CVSS7.4AI score0.03345EPSS
Exploits0References24
OSV
OSV
added 2007/08/16 12:17 a.m.2 views

DEBIAN-CVE-2007-4091

Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the fname function...

6.8CVSS9.3AI score0.03345EPSS
Exploits0References1
CVE
CVE
added 2007/08/16 12:0 a.m.71 views

CVE-2007-4091

CVE-2007-4091 concerns rsync 2.6.9 where multiple off-by-one errors in sender.c (in the f_name handling) could allow remote attackers to execute arbitrary code. The description is consistently stated across multiple sources tied to rsync, highlighting the vulnerable component as sender.c and the ...

6.8CVSS7.2AI score0.03345EPSS
Exploits0References24Affected Software1
Cvelist
Cvelist
added 2007/08/16 12:0 a.m.39 views

CVE-2007-4091

Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the fname function...

7.3AI score0.03345EPSS
Exploits0References24
FreeBSD
FreeBSD
added 2007/08/15 12:0 a.m.29 views

rsync -- off by one stack overflow

BugTraq reports: The rsync utility is prone to an off-by-one buffer-overflow vulnerability. This issue is due to a failure of the application to properly bounds-check user-supplied input. Successfully exploiting this issue may allow arbitrary code-execution in the context of the affected utility...

6.8CVSS6.2AI score0.03345EPSS
Exploits0
F5 Networks
F5 Networks
added 2007/05/16 12:0 a.m.26 views

SOL5165 - rsync directory traversal vulnerability - CAN-2004-0792

Directory traversal vulnerability in the sanitizepath function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files. Information about this advisory is available at the following location:...

6.4CVSS2.5AI score0.02317EPSS
Exploits0
Slackware Linux
Slackware Linux
added 2007/04/03 11:22 p.m.34 views

[slackware-security] file [and bin package]

New file packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and -current to fix a security issue. NOTE: In Slackware 11.0 and earlier, the file utility was part of the required "bin" package, so this patch is needed even if your machine does not have a "file" package...

9.3CVSS9.4AI score0.12226EPSS
Exploits1
Prion
Prion
added 2007/02/03 12:28 a.m.22 views

Buffer overflow

Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including 1 rdist, 2 rsh, 3 rcp, 4 rsync, and 5 rlogin...

4.6CVSS8AI score0.00488EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/01/17 12:0 a.m.31 views

Fedora Core 5 : rsync-2.6.8-1.FC5 (2006-599)

Mon May 8 2006 Jay Fenlason 2.6.8-1.FC5 - New upstream release - Use the upstream xattr patch instead of mine. This closes bz190208 CVE-2006-2083 rsync buffer overflow issue Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

7.5CVSS5.6AI score0.03633EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/01/17 12:0 a.m.21 views

Fedora Core 4 : rsync-2.6.8-1.FC4 (2006-601)

Fri May 26 2006 Jay Fenlason 2.6.8-1.FC4 - Upgrade to 2.6.8, which closes bz190208 CVE-2006-2083 rsync buffer overflow issue by switching from my xattrs patch to the upstream one. This also obsoletes the -address patch. Note that Tenable Network Security has extracted the preceding description...

7.5CVSS5.7AI score0.03633EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.21 views

FreeBSD : scponly -- local privilege escalation exploits (b5a49db7-72fc-11da-9827-021106004fd6)

Max Vozeler reports : If ALL the following conditions are true, administrators using scponly-4.1 or older may be at risk of a local privilege escalation exploit : - the chrooted setuid scponlyc binary is installed - regular non-scponly users have interactive shell access to the box - a user...

5.6AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.26 views

GLSA-200605-05 : rsync: Potential integer overflow

The remote host is affected by the vulnerability described in GLSA-200605-05 rsync: Potential integer overflow An integer overflow was found in the receivexattr function from the extended attributes patch xattr.c for rsync. The vulnerable function is only present when the 'acl' USE flag is set...

7.5CVSS6.1AI score0.03633EPSS
Exploits0References2
securityvulns
securityvulns
added 2006/05/06 12:0 a.m.43 views

[Full-disclosure] [ GLSA 200605-05 ] rsync: Potential integer overflow

Gentoo Linux Security Advisory GLSA 200605-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

7.5CVSS7AI score0.03633EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/05/06 12:0 a.m.39 views

rsync: Potential integer overflow

Background rsync is a server and client utility that provides fast incremental file transfers. It is used to efficiently synchronize files between hosts and is used by emerge to fetch Gentoo's Portage tree. Description An integer overflow was found in the receivexattr function from the extended...

7.5CVSS7.1AI score0.03633EPSS
Exploits0
securityvulns
securityvulns
added 2006/05/06 12:0 a.m.50 views

rsync integer overflow

receivexattr integer overflow...

4.6AI score
Exploits0References1Affected Software1
OSV
OSV
added 2006/04/28 9:2 p.m.5 views

CVE-2006-2083

Integer overflow in the receivexattr function in the extended attributes patch xattr.c for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow...

8AI score
Exploits0References9
UbuntuCve
UbuntuCve
added 2006/04/28 9:2 p.m.27 views

CVE-2006-2083

Integer overflow in the receivexattr function in the extended attributes patch xattr.c for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow...

7.5CVSS6AI score0.03633EPSS
Exploits0References1
Prion
Prion
added 2006/04/28 9:2 p.m.18 views

Integer overflow

Integer overflow in the receivexattr function in the extended attributes patch xattr.c for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow...

7.5CVSS8.1AI score0.03633EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder