2463 matches found
CVE-2004-0426
CVE-2004-0426 : The rsync daemon (read/write mode) is vulnerable when not using chroot, allowing remote attackers to write files outside the module’s path due to improper path sanitization. Affected: rsync before 2.6.1. Impact: potential arbitrary file creation/overwrite on the target filesystem ...
CVE-2004-0426
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...
rsync path traversal issue
When running rsync in daemon mode, no checks were made to prevent clients from writing outside of a module's path' setting...
rsync 2.5.7 - Local Stack Overflow Local Privilege Escalation
rsync 2.5.7 - Local Stack Overflow Local Privilege Escalation / rsync / Includes for code to daemonize / include include include include // define PATH "/usr/local/bin/rsync" define BUFFSIZE 100 //define RET 0xbffffdfb / 88 bytes portbinding shellcode - linux-x86 - by bighawk bighawk warfare com...
rsync <= 2.5.7 Local stack overflow Root Exploit
Exploit for linux platform in category local exploits ================================================ rsync / Includes for code to daemonize / include include include include // define PATH "/usr/local/bin/rsync" define BUFFSIZE 100 //define RET 0xbffffdfb / 88 bytes portbinding shellcode -...
rsync 2.5.7 - Local Stack Overflow / Local Privilege Escalation
/ rsync / Includes for code to daemonize / include include include include // define PATH "/usr/local/bin/rsync" define BUFFSIZE 100 //define RET 0xbffffdfb / 88 bytes portbinding shellcode - linux-x86 - by bighawk bighawk warfare com This shellcode binds a shell on port 10000 stdin, stdout and...
CVE-2004-2093
Buffer overflow in the opensocketout function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service crash and possibly execute arbitrary code via a long RSYNCPROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional...
DEBIAN-CVE-2004-2093
Buffer overflow in the opensocketout function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service crash and possibly execute arbitrary code via a long RSYNCPROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional...
CVE-2004-2093
Buffer overflow in the opensocketout function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service crash and possibly execute arbitrary code via a long RSYNCPROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional...
Immunity Canvas: RSYNC
Name| rsync ---|--- CVE| CVE-2003-0962 Exploit Pack| CANVAS Description| rsync Notes| CVE Name: CVE-2003-0962 Affected: rsync prior to 2.5.7 rsync.samba.org Patch: http://samba.org/ftp/rsync/old-patches/rsync-2.5.6-2.5.7.diffs.gz NOTE: Because of some of the steps taken in this exploit to make it...
CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
DEBIAN-CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
CVE-2003-0962
CVE-2003-0962 is a heap-based/buffer overflow in rsync versions prior to 2.5.7 when run in server mode. The vulnerability could allow a remote attacker to execute arbitrary code on the rsync server, potentially while in a chroot jail. The issue affects servers listening on port 873. Advisories fr...
CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
Integer overflow vulnerability in rsync
Overview Some versions of the rsync program contain a remotely exploitable vulnerability. This vulnerability may allow an attacker to execute arbitrary code on the target system. Description rsync is an open source utility that provides fast incremental file transfer. It features the ability to...
rsync security advisory
rsync 2.5.6 security advisory ----------------------------- December 4th 2003 Background ---------- The rsync team has received evidence that a vulnerability in rsync was recently used in combination with a Linux kernel vulnerability to compromise the security of a public rsync server. While the...
rsync buffer overflow
Heap overflow...
Critical: Red Hat Security Advisory: rsync security update
Updated rsync packages are now available that fix a heap overflow in the Rsync server. rsync is a program for sychronizing files over the network. A heap overflow bug exists in rsync versions prior to 2.5.7. On machines where the rsync server has been enabled, a remote attacker could use this fla...