Lucene search
K

2463 matches found

Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.33 views

Mandrake Linux Security Advisory : rsync (MDKSA-2002:009)

Sebastian Krahmer of the SuSE Security Team performed an audit on the rsync tool and discovered that in several places signed and unsigned numbers were mixed, with the end result being insecure code. These flaws could be abused by remote users to write 0 bytes into rsync's memory and trick rsync...

10CVSS6AI score0.34016EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/25 12:0 a.m.34 views

SuSE-SA:2003:050: rsync

The remote host is missing the patch for the advisory SuSE-SA:2003:050 rsync. The rsync suite provides client and server tools to easily support an administrator keeping the files of different machines in sync. In most private networks the rsync client tool is used via SSH to fulfill his tasks. I...

7.5CVSS6.2AI score0.21157EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/07/23 12:0 a.m.34 views

Fedora Core 1 : rsync-2.5.7-2 (2003-030)

A heap overflow bug exists in rsync versions prior to 2.5.7. On machines where the rsync server has been enabled, a remote attacker could use this flaw to execute arbitrary code as an unprivileged user. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name...

7.5CVSS6AI score0.21157EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2004/07/23 12:0 a.m.23 views

Fedora Core 1 : rsync-2.5.7-5.fc1 (2004-116)

Rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot. This could allow a remote attacker to write files outside of the module's 'path', depending on the privileges assigned to the rsync daemon. Users not running an rsync daemon, running a...

5CVSS5.3AI score0.03404EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2004/07/12 12:0 a.m.30 views

rsync: Directory traversal in rsync daemon

Background rsync is a utility that provides fast incremental file transfers. It is used to efficiently synchronize files between hosts and is used by emerge to fetch Gentoo's Portage tree. rsyncd is the rsync daemon, which listens to connections from rsync clients. Description When rsyncd is used...

5CVSS6.3AI score0.03404EPSS
Exploits0
NVD
NVD
added 2004/07/07 4:0 a.m.23 views

CVE-2004-0426

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

5CVSS6.5AI score0.03404EPSS
Exploits0References23
OSV
OSV
added 2004/07/07 4:0 a.m.9 views

CVE-2004-0426

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

6.4AI score
Exploits0References25
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.38 views

FreeBSD : rsync buffer overflow in server mode (167)

The following package needs to be updated: rsync %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg5729b8ed5d7511d880e30020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...

6.4AI score0.21157EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.30 views

FreeBSD : rsync path traversal issue (168)

The following package needs to be updated: rsync %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg73ea07069c5711d893660020ed76ef5a.nasl. Disabled on 2011/10/01. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...

6.4AI score0.03404EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.29 views

RHEL 2.1 / 3 : rsync (RHSA-2004:192)

An updated rsync package that fixes a directory traversal security flaw is now available. Rsync is a program for synchronizing files over a network. Rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot. This could allow a remote attacker to wri...

5CVSS5.3AI score0.03404EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.35 views

RHEL 2.1 / 3 : rsync (RHSA-2003:399)

Updated rsync packages are now available that fix a heap overflow in the Rsync server. rsync is a program for sychronizing files over the network. A heap overflow bug exists in rsync versions prior to 2.5.7. On machines where the rsync server has been enabled, a remote attacker could use this fla...

7.5CVSS6.1AI score0.21157EPSS
Exploits1References4
Debian
Debian
added 2004/06/02 7:9 p.m.31 views

[SECURITY] [DSA 499-2] New rsync packages fix directory traversal bug

-------------------------------------------------------------------------- Debian Security Advisory DSA 499-2 [email protected] http://www.debian.org/security/ Matt Zimmerman June 2nd, 2004 http://www.debian.org/security/faq -...

5CVSS5.9AI score0.03404EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2004/05/19 7:3 p.m.4 views

security flaw

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

5CVSS5.9AI score0.03404EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2004/05/19 7:3 p.m.31 views

Important: Red Hat Security Advisory: rsync security update

An updated rsync package that fixes a directory traversal security flaw is now available. Rsync is a program for synchronizing files over a network. Rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot. This could allow a remote attacker to wri...

5CVSS5.8AI score0.03404EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/05/06 12:0 a.m.33 views

rsync Traversal Arbitrary File Creation

The remote rsync server might be vulnerable to a path traversal issue. An attacker may use this flaw to gain access to arbitrary files hosted outside of a module directory. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid12230; scriptversion "1.15";...

5CVSS5.6AI score0.03404EPSS
Exploits0References1
Slackware Linux
Slackware Linux
added 2004/05/03 1:6 p.m.36 views

rsync update

New rsync packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix a security issue. When running an rsync server without the chroot option it is possible for an attacker to write outside of the allowed directory. Any sites running rsync in that mode should upgrade right away and...

5CVSS6.3AI score0.03404EPSS
Exploits0
Debian
Debian
added 2004/05/02 2:4 a.m.20 views

[SECURITY] [DSA 499-1] New rsync packages fix directory traversal bug

-------------------------------------------------------------------------- Debian Security Advisory DSA 499-1 [email protected] http://www.debian.org/security/ Matt Zimmerman May 1st, 2004 http://www.debian.org/security/faq -...

5CVSS5.9AI score0.03404EPSS
Exploits0
securityvulns
securityvulns
added 2004/05/02 12:0 a.m.66 views

[Full-Disclosure] [SECURITY] [DSA 499-1] New rsync packages fix directory traversal bug

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 499-1 [email protected] http://www.debian.org/security/ Matt Zimmerman May 1st, 2004 http://www.debian.org/security/faq -...

5CVSS1.2AI score0.03404EPSS
Exploits0
OSV
OSV
added 2004/05/01 12:0 a.m.27 views

DSA-499 rsync - directory traversal

Bulletin has no description...

5CVSS6AI score0.03404EPSS
Exploits0
Cvelist
Cvelist
added 2004/04/30 4:0 a.m.20 views

CVE-2004-0426

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

6.3AI score0.03404EPSS
Exploits0References23
Rows per page
Query Builder