Lucene search
UbuntuUSN-500-1HistoryAug 20, 2007 - 12:00 a.m.
rsync vulnerability
2007-08-2000:00:00
ubuntu.com
25
Releases
- Ubuntu 7.04
- Ubuntu 6.10
- Ubuntu 6.06
Details
Sebastian Krahmer discovered that rsync contained an off-by-one
miscalculation when handling certain file paths. By creating a specially
crafted tree of files and tricking an rsync server into processing them,
a remote attacker could write a single NULL to stack memory, possibly
leading to arbitrary code execution.
References
Related
prion
prion
Code injection
2007-08-16 00:17:00
nessus
nessus
Debian DSA-1360-1 : rsync - buffer overflow
2007-09-03 00:00:00
SuSE 10 Security Update : rsync (ZYPP Patch Number 3997)
2007-12-13 00:00:00
F5 Networks BIG-IP : Rsync sender.c vulnerability (SOL15548)
2014-10-10 00:00:00
securityvulns
securityvulns
[ MDKSA-2007:166 ] - Updated rsync packages fix off-by-one buffer overflow
2007-08-21 00:00:00
Rsync off-by-one buffer overflow
2007-08-21 00:00:00
cvelist
cvelist
CVE-2007-4091
2007-08-16 00:00:00
f5
f5
K15548 : Rsync sender.c vulnerability CVE-2007-4091
2015-04-29 00:00:00
SOL15548 - Rsync sender.c vulnerability CVE-2007-4091
2014-09-04 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2007-335-01)
2012-09-10 00:00:00
Slackware Advisory SSA:2007-335-01 rsync
2012-09-11 00:00:00
FreeBSD Ports: rsync
2008-09-04 00:00:00
debian
debian
[SECURITY] [DSA 1360-1] New rsync packages fix arbitrary code execution
2007-08-28 00:00:00
debiancve
debiancve
CVE-2007-4091
2007-08-16 00:17:00
slackware
slackware
[slackware-security] rsync
2007-12-02 03:11:40
freebsd
freebsd
rsync -- off by one stack overflow
2007-08-15 00:00:00
ubuntucve
ubuntucve
CVE-2007-4091
2007-08-16 00:00:00
cve
cve
CVE-2007-4091
2007-08-16 00:17:00
gentoo
gentoo
rsync: Two buffer overflows
2007-09-20 00:00:00