24 matches found
EUVD-2024-50581
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-12085
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length t...
NewStart CGSL MAIN 7.02 : rsync Multiple Vulnerabilities (NS-SA-2025-0152)
The remote NewStart CGSL host, running version MAIN 7.02, has rsync packages installed that are affected by multiple vulnerabilities: - A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server...
Alibaba Cloud Linux 3 : 0009: rsync (ALINUX3-SA-2025:0009)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0009 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-12085: A flaw was found in the rsync daemo...
EulerOS 2.0 SP11 : rsync (EulerOS-SA-2025-1377)
According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from th...
EulerOS 2.0 SP13 : rsync (EulerOS-SA-2025-1325)
According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum lengt...
EulerOS 2.0 SP12 : rsync (EulerOS-SA-2025-1307)
According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many clie...
K000150363: Multiple rsync vulnerabilities
Security Advisory Description CVE-2024-12084 A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of...
Azure Linux 3.0 Security Update: rsync (CVE-2024-12085)
The version of rsync installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12085 advisory. - A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an...
Important: rsync
Issue Overview: A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data...
Important: rsync
Issue Overview: A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data...
Amazon Linux 2 : rsync (ALAS-2025-2731)
The version of rsync installed on the remote host is prior to 3.1.2-11. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2731 advisory. A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an...
Important: rsync
Issue Overview: A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data...
Amazon Linux 2023 : rsync, rsync-daemon (ALAS2023-2025-801)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-801 advisory. A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison...
DEBIAN-CVE-2024-12085
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
ALPINE-CVE-2024-12085
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
AZL-55685 CVE-2024-12086 affecting package rsync for versions less than 3.4.1-1
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...
CVE-2024-12085
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
CVE-2024-12086
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...
CVE-2024-12085
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...