What is CVE-2002-0048?

CVE-2002-0048 is a vulnerability in N/a. Published 2002-02-18.

Is CVE-2002-0048 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2002-0048

Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.

EPSS: 0.818 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

c-skills/CVEs

References

3958 (vdb-entry, x_refsource_BID)
20020128 TSLSA-2002-0025 - rsync (mailing-list, x_refsource_BUGTRAQ)
ESA-20020125-004 (vendor-advisory, x_refsource_ENGARDE)
20020127 rsync-2.5.2 has security fix (was: Re: [RHSA-2002:018-05] New rsync packages available) (mailing-list, x_refsource_BUGTRAQ)
CLA-2002:458 (vendor-advisory, x_refsource_CONECTIVA)
VU#800635 (x_refsource_CERT-VN, third-party-advisory)
DSA-106 (vendor-advisory, x_refsource_DEBIAN)
SuSE-SA:2002:004 (vendor-advisory, x_refsource_SUSE)
CSSA-2002-003.0 (x_refsource_CALDERA, vendor-advisory)
linux-rsync-root-access(7993) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2002-0048?: CVE-2002-0048 is a vulnerability in N/a. Published 2002-02-18.
Is CVE-2002-0048 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.