Rsync Security Vulnerabilities and Issues — Rsync CVE List

Lucene search

SambaRsync

17 matches found

CVE•added 2022/08/02 3:15 p.m.•565 views

CVE-2022-29154

An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A mali...

7.4CVSS7.7AI score0.00302EPSS

CVE•added 2025/01/14 6:15 p.m.•259 views

CVE-2024-12085

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

7.5CVSS7.5AI score0.01186EPSS

CVE•added 2018/01/17 10:29 p.m.•201 views

CVE-2018-5764

The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism.

7.5CVSS7.4AI score0.07709EPSS

CVE•added 2017/11/06 5:29 a.m.•148 views

CVE-2017-16548

The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by send...

9.8CVSS9.7AI score0.03341EPSS

CVE•added 2025/01/14 6:15 p.m.•135 views

CVE-2024-12088

A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the d...

7.5CVSS8AI score0.0052EPSS

CVE•added 2017/12/06 3:29 a.m.•129 views

CVE-2017-17433

The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions.

4.3CVSS6.4AI score0.01555EPSS

CVE•added 2015/02/12 4:59 p.m.•118 views

CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.

6.4CVSS8.4AI score0.08882EPSS

CVE•added 2017/12/06 3:29 a.m.•118 views

CVE-2017-17434

The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechanism to pathnames found in "xname follows" strings...

9.8CVSS8.4AI score0.01156EPSS

CVE•added 2025/01/15 3:15 p.m.•111 views

CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.

9.8CVSS9.6AI score0.02911EPSS

CVE•added 2025/01/14 6:15 p.m.•109 views

CVE-2024-12087

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper symli...

7.5CVSS6.5AI score0.00661EPSS

CVE•added 2021/05/27 8:15 p.m.•96 views

CVE-2020-14387

A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which could compromise co...

7.4CVSS7AI score0.00141EPSS

CVE•added 2025/01/14 6:15 p.m.•96 views

CVE-2024-12086

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with...

6.8CVSS6.1AI score0.00172EPSS

CVE•added 2017/10/29 6:29 a.m.•76 views

CVE-2017-15994

rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub pro...

9.8CVSS9.4AI score0.00136EPSS

CVE•added 2011/03/30 10:55 p.m.•70 views

CVE-2011-1097

rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.

5.1CVSS9.8AI score0.02434EPSS

CVE•added 2008/04/10 7:5 p.m.•61 views

CVE-2008-1720

Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.

7.5CVSS7.5AI score0.08442EPSS

CVE•added 2002/06/25 4:0 a.m.•57 views

CVE-2002-0080

rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.

2.1CVSS9.1AI score0.00815EPSS

CVE•added 2014/04/23 3:55 p.m.•47 views

CVE-2014-2855

The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file.

7.8CVSS6.3AI score0.18317EPSS