Vulnerability in Andrew_tridgell Rsync
CVE-2006-2083
Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow.
EPSS: 0.036 (88.1th percentile) — read the EPSS interpretation.
Affected products
- Andrew_tridgell Rsync — versions 2.6.0, 2.6.1, 2.6.2
- N/a — versions n/a
References
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (vendor-advisory, x_refsource_GENTOO)
- secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
- secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
- secalert@redhat.com (vendor-advisory, x_refsource_TRUSTIX)
- secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
- secalert@redhat.com (vdb-entry, x_refsource_VUPEN)
- secalert@redhat.com (vdb-entry, x_refsource_XF)
- secalert@redhat.com (vdb-entry, x_refsource_BID)