Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2007-6199
HistoryDec 01, 2007 - 12:00 a.m.

CVE-2007-6199

2007-12-0100:00:00
ubuntu.com
ubuntu.com
14

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.025

Percentile

90.3%

JSON

rsync before 3.0.0pre6, when running a writable rsync daemon that is not
using chroot, allows remote attackers to access restricted files via
unknown vectors that cause rsync to create a symlink that points outside of
the module’s hierarchy.

Bugs

Notes

Author Note
jdstrand lowering priority as it is only for rsyncd while not running in chroot. This is a not-recommended, non-standard configuration. Above patch adds a configuration option to make this configuration ‘safer’.

Related

f5 2
nvd 1
cve 1
cvelist 1
debiancve 1
prion 1
nessus 6
openvas 8
securityvulns 2
osv 1
f5
f5
K15549 : Rsync vulnerability CVE-2007-6199
2015-09-11 00:00:00
SOL15549 - Rsync vulnerability CVE-2007-6199
2014-09-04 00:00:00
nvd
nvd
CVE-2007-6199
2007-12-01 06:46:00
cve
cve
CVE-2007-6199
2007-12-01 06:46:00
cvelist
cvelist
CVE-2007-6199
2007-12-01 01:00:00
debiancve
debiancve
CVE-2007-6199
2007-12-01 06:46:00
prion
prion
Design/Logic Flaw
2007-12-01 06:46:00
nessus
nessus
F5 Networks BIG-IP : Rsync vulnerability (SOL15549)
2015-04-23 00:00:00
openSUSE 10 Security Update : rsync (rsync-4793)
2007-12-24 00:00:00
Mandriva Linux Security Advisory : rsync (MDVSA-2008:011)
2009-04-23 00:00:00
openvas
openvas
SLES10: Security update for rsync
2009-10-13 00:00:00
Mandriva Update for rsync MDVSA-2008:011 (rsync)
2009-04-09 00:00:00
Mandriva Update for rsync MDVSA-2008:011 (rsync)
2009-04-09 00:00:00
securityvulns
securityvulns
rsync security restrictions bypass
2007-12-05 00:00:00
rPSA-2007-0257-1 rsync
2007-12-05 00:00:00
osv
osv
rsync-3.2.3-2.6 on GA media
2024-06-15 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.025

Percentile

90.3%

JSON
Related for UB:CVE-2007-6199
f52nvd1cve1cvelist1debiancve1prion1nessus6openvas8securityvulns2osv1