rsync software vulnerabilities

Searching rsync software vulnerabilities

Multiple off-by-one vulnerabilities in Ethereal

vulnerabilities | off-by-one | Ethereal | Multiple |

Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync, (9) SMB, (10) SMPP, and (11) TSP dissectors, which do not properly use the tvb_get_nstringz and tvb_get_nstringz0 functions.

Heap-based buffer overflow in rsync before 2.5.

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.

rsync before 2.6.1 does not properly sanitize p

before | rsync |

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.

Directory traversal vulnerability in the saniti

Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.

rssh 2.2.2 and earlier does not properly restri

rssh |

rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S.

Buffer overflow in the open_socket_out function

Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional privileges beyond those that are already available to the user. Therefore this issue may be REJECTED in the future.

Heap-based buffer overflow in rsync in Mac OS X

Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes.

Argument injection vulnerability in scponlyc in

Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatability are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered.

util.c in rssh 2.3.0 in Debian GNU/Linux does n

utilc | rssh |

util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf.

Integer overflow in the receive_xattr function

Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow.

Buffer overflow in bos.rte.libc in IBM AIX 5.2

Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin.

Multiple off-by-one errors in the sender.c in r

Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function.

Software vulnerabilities results 1 to 13 of 13

Page: 1

rsync software vulnerabilities

vulnerabilities.aspcode.net

Searching rsync software vulnerabilities