26 matches found
EUVD-2014-8817
Malware in sbrugna...
SUSE CVE-2014-8990
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename...
GLSA-201702-05 : Lsyncd: Remote execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-201702-05 Lsyncd: Remote execution of arbitrary code default-rsyncssh.lua in Lsyncd performed insufficient sanitising of filenames. Impact : An attacker, able to control files processed by Lsyncd, could possibly execute arbitrary...
Lsyncd: Remote execution of arbitrary code
Background A daemon to synchronize local directories using rsync. Description default-rsyncssh.lua in Lsyncd performed insufficient sanitising of filenames. Impact An attacker, able to control files processed by Lsyncd, could possibly execute arbitrary code with the privileges of the process or...
Debian DSA-3130-1 : lsyncd - security update
It was discovered that lsyncd, a daemon to synchronize local directories using rsync, performed insufficient sanitising of filenames which might result in the execution of arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
[SECURITY] [DSA 3130-1] lsyncd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3130-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 16, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3130-1 (lsyncd - security update)
It was discovered that lsyncd, a daemon to synchronize local directories using rsync, performed insufficient sanitising of filenames which might result in the execution of arbitrary commands. OpenVAS Vulnerability Test $Id: deb3130.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from...
DSA-3130-1 lsyncd - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3130-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for lsyncd FEDORA-2014-15338
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : lsyncd-2.1.5-6.fc21 (2014-15338)
Fix bad shell argument escaping Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
[SECURITY] Fedora 21 Update: lsyncd-2.1.5-6.fc21
Lsyncd watches a local directory trees event monitor interface inotify. It aggregates and combines events for a few seconds and then spawns one or more processes to synchronize the changes. By default this is rsync. Lsyncd is thus a light-weight live mirror solution that is comparatively easy to...
CVE-2014-8990
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename...
DEBIAN-CVE-2014-8990
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename...
CVE-2014-8990
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename...
CVE-2014-8990
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename...
Code injection
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename...
UBUNTU-CVE-2014-8990
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename...
CVE-2014-8990
CVE-2014-8990 affects Lsyncd up to version 2.1.5, where default-rsyncssh.lua does insufficient sanitising of filenames, allowing remote attackers to execute arbitrary commands via shell metacharacters embedded in a filename. The vulnerability is a remote code execution risk tied to how Lsyncd pro...
CVE-2014-8990
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename...