Lucene search
K

36 matches found

OSV
OSV
added 2015/04/15 9:1 a.m.6 views

MGASA-2015-0146 Updated librsync packages fix security vulnerabilities

Updated librsync packages fix security vulnerability: librsync before 1.0.0 used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other region...

5.8CVSS6.3AI score0.02939EPSS
Exploits0References3
Mageia
Mageia
added 2015/04/15 9:1 a.m.30 views

Updated librsync packages fix security vulnerabilities

Updated librsync packages fix security vulnerability: librsync before 1.0.0 used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other region...

5.8CVSS6.4AI score0.02939EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/20 12:0 a.m.26 views

Fedora 21 : csync2-1.34-15.fc21 / duplicity-0.6.25-3.fc21 / librsync-1.0.0-1.fc21 / etc (2015-3497)

Changes in librsync 1.0.0 2015-01-23 ====================================== - SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 'strong' check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part...

5.8CVSS5.6AI score0.02939EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2015/03/20 12:0 a.m.26 views

Fedora 20 : csync2-1.34-15.fc20 / duplicity-0.6.25-3.fc20 / librsync-1.0.0-1.fc20 / etc (2015-3366)

Changes in librsync 1.0.0 2015-01-23 ====================================== - SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 'strong' check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part...

5.8CVSS5.6AI score0.02939EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2015/03/20 12:0 a.m.16 views

Fedora Update for librsync FEDORA-2015-3366

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS6.4AI score0.02939EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/03/20 12:0 a.m.14 views

Fedora Update for librsync FEDORA-2015-3497

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS6.4AI score0.02939EPSS
Exploits0References2
Fedora
Fedora
added 2015/03/19 6:44 p.m.31 views

[SECURITY] Fedora 21 Update: duplicity-0.6.25-3.fc21

Duplicity incrementally backs up files and directory by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...

5.8CVSS0.2AI score0.02939EPSS
Exploits0
Fedora
Fedora
added 2015/03/19 6:44 p.m.21 views

[SECURITY] Fedora 21 Update: librsync-1.0.0-1.fc21

librsync implements the "rsync" algorithm, which allows remote differencing of binary files. librsync computes a delta relative to a file's checksum, so the two files need not both be present to generate a delta. This library was previously known as libhsync up to version 0.9.0. The current versi...

5.8CVSS3.5AI score0.02939EPSS
Exploits0
Fedora
Fedora
added 2015/03/19 6:43 p.m.22 views

[SECURITY] Fedora 20 Update: librsync-1.0.0-1.fc20

librsync implements the "rsync" algorithm, which allows remote differencing of binary files. librsync computes a delta relative to a file's checksum, so the two files need not both be present to generate a delta. This library was previously known as libhsync up to version 0.9.0. The current versi...

5.8CVSS3.5AI score0.02939EPSS
Exploits0
ArchLinux
ArchLinux
added 2015/03/16 12:0 a.m.46 views

librsync: checksum collision

librsync previously used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other regions of the file, if it's transferred using librsync/rdiff...

5.8CVSS1AI score0.02939EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/03/10 12:0 a.m.30 views

Fedora 22 : csync2-1.34-15.fc22 / duplicity-0.6.25-3.fc22 / librsync-1.0.0-1.fc22 / etc (2015-2923)

Changes in librsync 1.0.0 2015-01-23 ====================================== - SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 'strong' check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part...

5.8CVSS5.6AI score0.02939EPSS
Exploits0References9
Fedora
Fedora
added 2015/03/09 8:18 a.m.26 views

[SECURITY] Fedora 22 Update: librsync-1.0.0-1.fc22

librsync implements the "rsync" algorithm, which allows remote differencing of binary files. librsync computes a delta relative to a file's checksum, so the two files need not both be present to generate a delta. This library was previously known as libhsync up to version 0.9.0. The current versi...

5.8CVSS3.5AI score0.02939EPSS
Exploits0
Fedora
Fedora
added 2015/03/09 8:18 a.m.30 views

[SECURITY] Fedora 22 Update: duplicity-0.6.25-3.fc22

Duplicity incrementally backs up files and directory by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...

5.8CVSS0.2AI score0.02939EPSS
Exploits0
FreeBSD
FreeBSD
added 2014/07/28 12:0 a.m.30 views

librsync -- collision vulnerability

Michael Samuel reports: librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...

5.8CVSS6.4AI score0.02939EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2009/02/16 12:0 a.m.12 views

Fedora Update for duplicity FEDORA-2008-1521

Check for the Version of duplicity OpenVAS Vulnerability Test Fedora Update for duplicity FEDORA-2008-1521 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

4.6CVSS6.5AI score0.00371EPSS
Exploits0References2
Fedora
Fedora
added 2008/02/13 5:12 a.m.36 views

[SECURITY] Fedora 7 Update: duplicity-0.4.9-1.fc7

Duplicity incrementally backs up files and directory by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...

4.6CVSS6.3AI score0.00371EPSS
Exploits0
Rows per page
Query Builder