2463 matches found
CVE-2002-0048
Multiple signedness errors mixed signed and unsigned numbers in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server...
FreeBSD-SA-02:10.rsync
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:10 Security Advisory FreeBSD, Inc. Topic: rsync port contains remotely exploitable vulnerability Category: ports Module: rsync Announced: 2002-02-06 Credits: Sebastian...
[SECURITY] [DSA-106-2] updated rsync fix
Package : rsync Problem type : remote exploit Debian-specific: no In Debian Security Advisory DSA-106-1 we reported a exploitable problem in rsync. For details please see that advisory. Unfortunately the patch used to fix that problem broke rsync. This has been fixed in version 2.3.2-1.5 and we...
[SECURITY] [DSA-106-1] rsync remote exploit
Package : rsync Problem type : remote exploit Debian-specific: no Sebastian Krahmer found several places in rsync a popular tool to synchronise files between machines where signed and unsigned numbers were mixed which resulted in insecure code. This could be abused by remote users to write 0-byte...
Отрицательные индексы массива в rsync (negatice array index)
Ошибка отрицательных индексов массива дает возможность удаленного выполнения кода...
SuSE Security Announcement: rsync (SuSE-SA:2002:004)
-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: rsync Announcement-ID: SuSE-SA:2002:004 Date: Fri Jan 25 17:00:00 CET 2002 Affected SuSE versions: 6.4, 7.0, 7.1, 7.2, 7.3 Vulnerability Type: remote command executionn Severity 1-10: 7 SuSE default package: no Other affected...
rsync update fixes security problems
New rsync packages are available to fix a security problem. Here's the information from the Slackware 8.0 ChangeLog: Fri Jan 25 14:25:51 PST 2002 patches/packages/rsync.tgz: Fixed a security hole by upgrading to rsync-2.4.8pre1. This is the relevant information from the rsync NEWS file: SECURITY...
rsync 2.3/2.4/2.5 - Signed Array Index Remote Code Execution
// source: https://www.securityfocus.com/bid/3958/info A vulnerability exists within some versions of rsync. Under some circumstances, a remotely supplied signed value is used as an array index, allowing NULL bytes to be written to arbitrary memory locations. Exploitation of this vulnerability...
rsync 2.32.42.5 - Signed Array Index Remote Code Execution
rsync 2.32.42.5 - Signed Array Index Remote Code Execution // source: https://www.securityfocus.com/bid/3958/info A vulnerability exists within some versions of rsync. Under some circumstances, a remotely supplied signed value is used as an array index, allowing NULL bytes to be written to...
rsync <= 2.5.1 Remote Exploit
Exploit for linux platform in category remote exploits ============================= rsync include include include include include include include include include define MAXPATHLEN 4096 define VERSION "@RSYNCD: 26\n" define PORT 873 define NULLOFFSET -48 define STARTNULLBRUTE -44 define...
rsync 2.5.1 - Remote (1)
rsync 2.5.1 - Remote 1 / 7350fuqnut - rsync include include include include include include include include include define MAXPATHLEN 4096 define VERSION "@RSYNCD: 26\n" define PORT 873 define NULLOFFSET -48 define STARTNULLBRUTE -44 define ENDNULLBRUTE -56 define BRUTEBASE 0xbfff7777 define...
rsync <= 2.5.1 Remote Exploit (2)
No description provided by source. / 7350rsync - rsync include include include include include include include include include include define MAXPATHLEN 4096 define VERSION "@RSYNCD: 26\n" define PORT 873 define NULLOFFSET -48 define STARTNULLBRUTE -44 define ENDNULLBRUTE -56 define BRUTEBASE...
rsync <= 2.5.1 Remote Exploit (2)
Exploit for linux platform in category remote exploits ================================= rsync include include include include include include include include include include define MAXPATHLEN 4096 define VERSION "@RSYNCD: 26\n" define PORT 873 define NULLOFFSET -48 define STARTNULLBRUTE -44 defi...
rsync 2.5.1 - Remote (2)
rsync 2.5.1 - Remote 2 / 7350rsync - rsync include include include include include include include include include include define MAXPATHLEN 4096 define VERSION "@RSYNCD: 26\n" define PORT 873 define NULLOFFSET -48 define STARTNULLBRUTE -44 define ENDNULLBRUTE -56 define BRUTEBASE 0xbfff7777 defi...
rsync <= 2.5.1 Remote Exploit
No description provided by source. / 7350fuqnut - rsync include include include include include include include include include define MAXPATHLEN 4096 define VERSION "@RSYNCD: 26\n" define PORT 873 define NULLOFFSET -48 define STARTNULLBRUTE -44 define ENDNULLBRUTE -56 define BRUTEBASE 0xbfff7777...
rsync 2.5.1 - Remote (2)
/ 7350rsync - rsync include include include include include include include include include include define MAXPATHLEN 4096 define VERSION "@RSYNCD: 26\n" define PORT 873 define NULLOFFSET -48 define STARTNULLBRUTE -44 define ENDNULLBRUTE -56 define BRUTEBASE 0xbfff7777 define INCREMENT 512 define...
rsync 2.5.1 - Remote (1)
/ 7350fuqnut - rsync include include include include include include include include include define MAXPATHLEN 4096 define VERSION "@RSYNCD: 26\n" define PORT 873 define NULLOFFSET -48 define STARTNULLBRUTE -44 define ENDNULLBRUTE -56 define BRUTEBASE 0xbfff7777 define INCREMENT 512 define ALLIGN...
CVE-1999-0473
The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred...
CVE-1999-0473
CVE-1999-0473 affects the rsync utility prior to version 2.3.1. The vulnerability allows the client’s working directory to be changed to the permissions of the directory being transferred, via rsync, as described in Red Hat and CVE records. Affected component is rsync’s transfer/permissions handl...
[SECURITY] New versions of rsync fixes security hole
This is an old report from May 1999 but it wasnt reported on this channel yet. The author of rsync, Andrew Tridgell, has reported that former versions of rsync contained a security-related bug. I you were transferring an empty directory into a non-existent directory on a remote host, permissions ...