14 matches found
Astra Linux – Vulnerability in rsync
There is a path traversal vulnerability in rsync. This vulnerability stems from a behavior enabled by the --inc-recursive option, which is a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive...
MiracleLinux 7 : rsync-3.1.2-12.0.3.el7.AXS7 (AXSA:2025-9708:04)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9708:04 advisory. CVE-2024-12087: fix path traversal vulnerability in rsync enabled by the '--inc-recursive' option CVE-2024-12088: make --safe-links stricter CVEs:...
rsync: Path traversal vulnerability in rsync
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...
rsync: Path traversal vulnerability in rsync
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...
rsync: Path traversal vulnerability in rsync
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...
rsync: Path traversal vulnerability in rsync
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...
TencentOS Server 4: rsync (TSSA-2025:0534)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0534 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Important: rsync
Issue Overview: A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data...
Important: rsync
Issue Overview: A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data...
The vulnerability in the `-inc-recursive` configuration of the rsyncd daemon’s utility for transferring and synchronizing files allows a attacker to write arbitrary files.
The vulnerability of the -inc-recursive configuration of the rsyncd daemon, a utility for transferring and synchronizing files, involves traversing directory paths without checking for symbolic links, along with checks for duplication. Exploiting this vulnerability allows an attacker to write...
SUSE CVE-2024-12087
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...
CVE-2024-12087
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...
AZL-55655 CVE-2024-12087 affecting package rsync for versions less than 3.4.1-1
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...
AZL-55682 CVE-2024-12087 affecting package rsync for versions less than 3.4.1-1
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...