Lucene search
FreeBSDB22B016B-B633-11E5-83EF-14DAE9D210B8HistoryJul 28, 2014 - 12:00 a.m.
librsync -- collision vulnerability
2014-07-2800:00:00
vuxml.freebsd.org
17
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
EPSS
0.007
Percentile
79.9%
Michael Samuel reports:
librsync before 1.0.0 uses a truncated MD4 checksum to
match blocks, which makes it easier for remote attackers to modify
transmitted data via a birthday attack.
Related
fedora
fedora
[SECURITY] Fedora 21 Update: librsync-1.0.0-1.fc21
2015-03-19 18:44:40
[SECURITY] Fedora 22 Update: duplicity-0.6.25-3.fc22
2015-03-09 08:18:48
[SECURITY] Fedora 21 Update: rdiff-backup-1.2.8-14.fc21
2015-03-19 18:44:40
ubuntucve
ubuntucve
CVE-2014-8242
2015-10-26 00:00:00
nessus
nessus
openvas
openvas
Fedora Update for duplicity FEDORA-2015-2923
2015-07-07 00:00:00
Fedora Update for duplicity FEDORA-2015-3366
2015-03-20 00:00:00
Fedora Update for duplicity FEDORA-2015-3497
2015-03-20 00:00:00
debiancve
debiancve
CVE-2014-8242
2015-10-26 17:59:00
archlinux
archlinux
librsync: checksum collision
2015-03-16 00:00:00
prion
prion
Code injection
2015-10-26 17:59:00
securityvulns
securityvulns
librsync weak permission
2015-05-05 00:00:00
[ MDVSA-2015:204 ] librsync
2015-05-05 00:00:00
mageia
mageia
Updated librsync packages fix security vulnerabilities
2015-04-15 12:01:28
cve
cve
CVE-2014-8242
2015-10-26 17:59:00
nvd
nvd
CVE-2014-8242
2015-10-26 17:59:00
osv
osv
librsync-devel-1.0.0-2.8 on GA media
2024-06-15 00:00:00
rsync-3.1.2-1.5 on GA media
2024-06-15 00:00:00
cvelist
cvelist
CVE-2014-8242
2015-10-26 17:00:00
gentoo
gentoo
rsync: Multiple vulnerabilities
2016-05-30 00:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
EPSS
0.007
Percentile
79.9%
Related for B22B016B-B633-11E5-83EF-14DAE9D210B8