2479 matches found
rsync: Directory traversal in rsync daemon
Background rsync is a utility that provides fast incremental file transfers. It is used to efficiently synchronize files between hosts and is used by emerge to fetch Gentoo's Portage tree. rsyncd is the rsync daemon, which listens to connections from rsync clients. Description When rsyncd is used...
CVE-2004-0426
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...
CVE-2004-0426
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...
FreeBSD : rsync buffer overflow in server mode (167)
The following package needs to be updated: rsync %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg5729b8ed5d7511d880e30020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...
FreeBSD : rsync path traversal issue (168)
The following package needs to be updated: rsync %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg73ea07069c5711d893660020ed76ef5a.nasl. Disabled on 2011/10/01. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...
RHEL 2.1 / 3 : rsync (RHSA-2003:399)
Updated rsync packages are now available that fix a heap overflow in the Rsync server. rsync is a program for sychronizing files over the network. A heap overflow bug exists in rsync versions prior to 2.5.7. On machines where the rsync server has been enabled, a remote attacker could use this fla...
RHEL 2.1 / 3 : rsync (RHSA-2004:192)
An updated rsync package that fixes a directory traversal security flaw is now available. Rsync is a program for synchronizing files over a network. Rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot. This could allow a remote attacker to wri...
[SECURITY] [DSA 499-2] New rsync packages fix directory traversal bug
-------------------------------------------------------------------------- Debian Security Advisory DSA 499-2 [email protected] http://www.debian.org/security/ Matt Zimmerman June 2nd, 2004 http://www.debian.org/security/faq -...
security flaw
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...
Important: Red Hat Security Advisory: rsync security update
An updated rsync package that fixes a directory traversal security flaw is now available. Rsync is a program for synchronizing files over a network. Rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot. This could allow a remote attacker to wri...
rsync Traversal Arbitrary File Creation
The remote rsync server might be vulnerable to a path traversal issue. An attacker may use this flaw to gain access to arbitrary files hosted outside of a module directory. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid12230; scriptversion "1.15";...
rsync update
New rsync packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix a security issue. When running an rsync server without the chroot option it is possible for an attacker to write outside of the allowed directory. Any sites running rsync in that mode should upgrade right away and...
[SECURITY] [DSA 499-1] New rsync packages fix directory traversal bug
-------------------------------------------------------------------------- Debian Security Advisory DSA 499-1 [email protected] http://www.debian.org/security/ Matt Zimmerman May 1st, 2004 http://www.debian.org/security/faq -...
[Full-Disclosure] [SECURITY] [DSA 499-1] New rsync packages fix directory traversal bug
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 499-1 [email protected] http://www.debian.org/security/ Matt Zimmerman May 1st, 2004 http://www.debian.org/security/faq -...
DSA-499 rsync - directory traversal
Bulletin has no description...
CVE-2004-0426
CVE-2004-0426 : The rsync daemon (read/write mode) is vulnerable when not using chroot, allowing remote attackers to write files outside the module’s path due to improper path sanitization. Affected: rsync before 2.6.1. Impact: potential arbitrary file creation/overwrite on the target filesystem ...
CVE-2004-0426
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...
CVE-2004-0426
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...
rsync path traversal issue
When running rsync in daemon mode, no checks were made to prevent clients from writing outside of a module's path' setting...
rsync 2.5.7 - Local Stack Overflow / Local Privilege Escalation
/ rsync / Includes for code to daemonize / include include include include // define PATH "/usr/local/bin/rsync" define BUFFSIZE 100 //define RET 0xbffffdfb / 88 bytes portbinding shellcode - linux-x86 - by bighawk bighawk warfare com This shellcode binds a shell on port 10000 stdin, stdout and...