Lucene search
K

90 matches found

Debian
Debian
added 2004/08/17 7:6 a.m.14 views

[SECURITY] [DSA 538-1] New rsync packages fix unauthorised directory traversal and file access

-------------------------------------------------------------------------- Debian Security Advisory DSA 538-1 [email protected] http://www.debian.org/security/ Martin Schulze August 17th, 2004 http://www.debian.org/security/faq -...

1.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.33 views

Mandrake Linux Security Advisory : rsync (MDKSA-2002:009)

Sebastian Krahmer of the SuSE Security Team performed an audit on the rsync tool and discovered that in several places signed and unsigned numbers were mixed, with the end result being insecure code. These flaws could be abused by remote users to write 0 bytes into rsync's memory and trick rsync...

10CVSS6AI score0.34016EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.23 views

Mandrake Linux Security Advisory : rsync (MDKSA-2004:042)

Rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, allows remote attackers to write files outside of the module's path. The updated packages provide a patched rsync to correct this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5CVSS5.4AI score0.03404EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2004/05/19 7:3 p.m.31 views

Important: Red Hat Security Advisory: rsync security update

An updated rsync package that fixes a directory traversal security flaw is now available. Rsync is a program for synchronizing files over a network. Rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot. This could allow a remote attacker to wri...

5CVSS5.8AI score0.03404EPSS
Exploits0References3
securityvulns
securityvulns
added 2003/12/05 12:0 a.m.32 views

rsync security advisory

rsync 2.5.6 security advisory ----------------------------- December 4th 2003 Background ---------- The rsync team has received evidence that a vulnerability in rsync was recently used in combination with a Linux kernel vulnerability to compromise the security of a public rsync server. While the...

0.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2003/12/04 9:14 p.m.31 views

Critical: Red Hat Security Advisory: rsync security update

Updated rsync packages are now available that fix a heap overflow in the Rsync server. rsync is a program for sychronizing files over the network. A heap overflow bug exists in rsync versions prior to 2.5.7. On machines where the rsync server has been enabled, a remote attacker could use this fla...

7.5CVSS6.2AI score0.21157EPSS
Exploits1References3
Debian
Debian
added 2002/02/03 2:50 p.m.14 views

[SECURITY] [DSA-106-2] updated rsync fix

Package : rsync Problem type : remote exploit Debian-specific: no In Debian Security Advisory DSA-106-1 we reported a exploitable problem in rsync. For details please see that advisory. Unfortunately the patch used to fix that problem broke rsync. This has been fixed in version 2.3.2-1.5 and we...

5.9AI score
Exploits0
Debian
Debian
added 1999/08/18 9:34 p.m.16 views

[SECURITY] New versions of rsync fixes security hole

This is an old report from May 1999 but it wasnt reported on this channel yet. The author of rsync, Andrew Tridgell, has reported that former versions of rsync contained a security-related bug. I you were transferring an empty directory into a non-existent directory on a remote host, permissions ...

5.8AI score
Exploits0
Debian
Debian
added 1999/08/18 12:0 a.m.10 views

[SECURITY] New versions of rsync fixes security hole

This is an old report from May 1999 but it wasnt reported on this channel yet. The author of rsync, Andrew Tridgell, has reported that former versions of rsync contained a security-related bug. I you were transferring an empty directory into a non-existent directory on a remote host, permissions ...

2.1AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.31 views

rsync.permissions.txt

Date: Wed, 7 Apr 1999 22:21:30 +1000 From: Andrew Tridgell To: [email protected] Subject: rsync 2.3.1 release - security fix I discovered a security hole in rsync yesterday and have released rsync 2.3.1 to fix it. The new version and patches against the last version are available at...

7.4AI score
Exploits0
Rows per page
Query Builder