CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
92.7%
Updated rsync package fixes security vulnerability: Ryan Finnie discovered that rsync 3.1.0 contains a denial of service issue when attempting to authenticate using a nonexistent username. A remote attacker could use this flaw to cause a denial of service via CPU consumption (CVE-2014-2855). The previous update for this issue in MGASA-2014-0179 failed to properly apply the needed patch, so the package has been rebuilt to address this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 4 | noarch | rsync | <Β 3.1.0-4.3 | rsync-3.1.0-4.3.mga4 |