CVSS: 10.0EPSS: 91%CPEs: 14EXPL: 3CVE-2002-0048 – rsync 2.5.1 - Remote
https://notcve.org/view.php?id=CVE-2002-0048
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server. Errores de mezclado de números con y sin signo en las funciones I/O de rsync, versiones 2.4.6, 2.3.2 y otras versiones, permite que atacantes remotos provoquen una denegación de servicio y ejecuten código arbitrario en el cliente o servidor rsync. • https://www.exploit-db.com/exploits/398 https://www.exploit-db.com/exploits/399 https://www.exploit-db.com/exploits/21242 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:10.rsync.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000458 http://lists.suse.com/archives/suse-security-announce/2002-Jan/0003.html http://marc.info/?l=bugtraq&m=101223214906963&w=2 http://marc.info/?l=bugtraq&m=101223603321315&w=2 http://online.securityfocus.co •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-0473
https://notcve.org/view.php?id=CVE-1999-0473
The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred. • http://www.securityfocus.com/bid/145 •