CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 2CVE-2022-29154 – rsync: remote arbitrary files write inside the directories of connecting peers
https://notcve.org/view.php?id=CVE-2022-29154
02 Aug 2022 — An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file). Se ha detectado un p... • https://github.com/EgeBalci/CVE-2022-29154 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.4EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14387 – Gentoo Linux Security Advisory 202405-22
https://notcve.org/view.php?id=CVE-2020-14387
27 May 2021 — A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which could compromise confidentiality and integrity of data transmitted using rsync-ssl. The highest threat from this vulnerability is to data confidentiality and integrity. This flaw affects rsync versions before 3.2.4. • https://bugzilla.redhat.com/show_bug.cgi?id=1875549 • CWE-297: Improper Validation of Certificate with Host Mismatch •
CVSS: 7.5EPSS: 7%CPEs: 7EXPL: 0CVE-2018-5764 – Gentoo Linux Security Advisory 201805-04
https://notcve.org/view.php?id=CVE-2018-5764
17 Jan 2018 — The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism. La función parse_arguments en options.c en rsync, en versiones anteriores a la 3.1.3, no evita los usos múltiples de --protect-args, lo que permite que atacantes remotos omitan un mecanismo de protección de saneamiento de argumentos. USN-3543-1 fixed vulnerabilities in rsync. This update provides the co... • http://www.securityfocus.com/bid/102803 •
CVSS: 4.3EPSS: 1%CPEs: 4EXPL: 0CVE-2017-17433 – Ubuntu Security Notice USN-3506-1
https://notcve.org/view.php?id=CVE-2017-17433
06 Dec 2017 — The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions. La función recv_files en receiver.c en el demonio en rsync 3.1.2 y 3.1.3-development en versiones anteriores a la 2017-11-03 continúa ciertas actualizaciones de metadatos de archivos antes de buscar un nombre de arch... • http://security.cucumberlinux.com/security/details.php?id=169 • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2017-17434 – Ubuntu Security Notice USN-3506-1
https://notcve.org/view.php?id=CVE-2017-17434
06 Dec 2017 — The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechanism to pathnames found in "xname follows" strings (in the read_ndx_and_attrs function in rsync.c), which allows remote attackers to bypass intended access restrictions. El demonio en rsync 3.1.2 y 3.1.3-development en versiones anteriores a la 2017-11-03 no busc... • http://security.cucumberlinux.com/security/details.php?id=170 •
CVSS: 9.8EPSS: 3%CPEs: 8EXPL: 0CVE-2017-16548 – Ubuntu Security Notice USN-3543-2
https://notcve.org/view.php?id=CVE-2017-16548
06 Nov 2017 — The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon. La función receive_xattr en xattrs.c en rsync 3.1.2 y 3.1.3-development no comprueba un carácter final '\0' en un nombre xattr, lo que permite que atacantes remotos provoquen una de... • https://bugzilla.samba.org/show_bug.cgi?id=13112 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15994
https://notcve.org/view.php?id=CVE-2017-15994
29 Oct 2017 — rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects. rsync 3.1.3-development en versiones anteriores al 24/10/2017 gestiona de manera incorrecta las sumas de verificación arcaicas, lo que hace que sea más fácil para los atacantes remotos omitir las restriccio... • https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3 • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.5EPSS: 8%CPEs: 5EXPL: 2CVE-2014-9512 – Ubuntu Security Notice USN-2879-1
https://notcve.org/view.php?id=CVE-2014-9512
12 Feb 2015 — rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path. rsync 3.1.1 permite a atacantes remotos escribir a ficheros arbitrarios a través de un ataque de enlace simbólico sobre un fichero en la ruta de sincronización. It was discovered that rsync incorrectly handled invalid filenames. A malicious server could use this issue to write files outside of the intended destination directory. • http://lists.opensuse.org/opensuse-updates/2015-02/msg00041.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 20%CPEs: 42EXPL: 0CVE-2014-2855 – Ubuntu Security Notice USN-2171-1
https://notcve.org/view.php?id=CVE-2014-2855
23 Apr 2014 — The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file. La función check_secret en authenticate.c en rsync 3.1.0 y anteriores permite a atacantes remotos causar una denegación de servicio (bucle infinito y consumo de CPU) a través de un nombre de usuario que no existe en el archivo de secretos. Ryan Finnie discovered that rsync 3.1.0 contains a den... • http://advisories.mageia.org/MGASA-2015-0065.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 8EXPL: 0CVE-2011-1097 – rsync: Incremental file-list corruption due to temporary file_extra_cnt increments
https://notcve.org/view.php?id=CVE-2011-1097
30 Mar 2011 — rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data. rsync 3.x anterior a3.0.8, cuando se utilizan ciertas opciones de recursión, borrado, y propietario, permite a los servidores rsync remotos provocar una denegación de servicio (corrupción de memoria dinámica y caída de la aplicación) o posiblemente ejecutar códig... • http://gitweb.samba.org/?p=rsync.git%3Ba=commit%3Bh=83b94efa6b60a3ff5eee4c5f7812c617a90a03f6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •