RHEL 6 : rsync (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rsync: daemon does not check for fnamecmp filenames allowing for access restriction bypass CVE-2017-17434...

EulerOS Virtualization 3.0.6.0 : rsync (EulerOS-SA-2023-2204)

According to the versions of the rsync packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories...

Amazon Linux 2 : rsync (ALAS-2022-1873)

The version of rsync installed on the remote host is prior to 3.1.2-11. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1873 advisory. A flaw was found in rsync that is triggered by a victim rsync user/client connecting to a malicious rsync server. The server can cop...

MGASA-2022-0302 Updated rsync packages fix security vulnerability

An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A...

Oracle Linux 9 : rsync (ELSA-2022-6181)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-6181 advisory. 3.2.3-9.2 - Resolves: 2111176 - remote arbitrary files write inside the directories of connecting peers Tenable has extracted the preceding description block...