| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-1720 | 7.5 |
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.
|
13-02-2023 - 02:19 | 10-04-2008 - 19:05 | |
| CVE-2011-1097 | 5.1 |
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
|
13-02-2023 - 01:18 | 30-03-2011 - 22:55 | |
| CVE-2007-6200 | 10.0 |
Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspec
|
15-10-2018 - 21:50 | 01-12-2007 - 06:46 | |
| CVE-2007-6199 | 9.3 |
rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.
|
15-10-2018 - 21:50 | 01-12-2007 - 06:46 | |
| CVE-2004-0426 | 5.0 |
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.
|
11-10-2017 - 01:29 | 07-07-2004 - 04:00 |