Vulnerability in Andrew_tridgell Rsync
CVE-2004-0792
Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.
EPSS: 0.023 (81.2th percentile) — read the EPSS interpretation.
Affected products
- Andrew_tridgell Rsync — versions 2.3.1, 2.3.2, 2.3.2_1.2
- N/a — versions n/a
References
- cve@mitre.org (vendor-advisory, Patch, x_refsource_DEBIAN, Vendor Advisory)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (vendor-advisory, Patch, x_refsource_GENTOO, Vendor Advisory)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (vendor-advisory, x_refsource_TRUSTIX)
- cve@mitre.org (vendor-advisory, x_refsource_SUSE)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)