Lucene search
Veracode Vulnerability DatabaseVERACODE:25266HistoryMay 10, 2020 - 11:22 p.m.
Access Control Bypass
2020-05-1023:22:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.005 Low
EPSS
Percentile
77.3%
rsync is vulnerable to access control bypass. The parse_arguments function in options.c does not prevent multiple --protect-args uses and allows remote attackers to bypass the argument-sanitization protection mechanism.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rsync:3.4 | eq | 3.1.2-r2 | |
| rsync:stretch | eq | 3.1.2-1+deb9u2 |
References
www.securityfocus.com/bid/102803
www.securitytracker.com/id/1040276
download.samba.org/pub/rsync/src-previews/rsync-3.1.3pre1-NEWS
git.samba.org/rsync.git/?p=rsync.git;a=commit;h=7706303828fcde524222babb2833864a4bd09e07
lists.debian.org/debian-lts-announce/2018/01/msg00021.html
lists.debian.org/debian-lts-announce/2019/03/msg00027.html
lists.debian.org/debian-lts-announce/2021/11/msg00028.html
security.gentoo.org/glsa/201805-04
usn.ubuntu.com/3543-1/
Related
nessus
nessus
Debian DLA-1247-1 : rsync security update
2018-01-19 00:00:00
Photon OS 2.0: Rsync PHSA-2018-2.0-0041
2019-02-07 00:00:00
Debian DLA-2833-1 : rsync - LTS security update
2021-12-01 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1247-1)
2018-01-21 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0172-1)
2021-06-09 00:00:00
Fedora Update for rsync FEDORA-2018-034101216d
2018-02-06 00:00:00
cvelist
cvelist
CVE-2018-5764
2018-01-17 22:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: rsync-3.1.3-1.fc27
2018-02-06 15:39:17
[SECURITY] Fedora 26 Update: rsync-3.1.3-2.fc26
2018-02-05 14:39:29
debian
debian
[SECURITY] [DLA 2833-1] rsync security update
2021-11-30 21:21:18
[SECURITY] [DLA 1247-1] rsync security update
2018-01-19 04:55:38
[SECURITY] [DLA 1725-1] rsync security update
2019-03-24 21:48:25
osv
osv
rsync - security update
2021-11-30 00:00:00
CVE-2018-5764
2018-01-17 22:29:00
rsync - security update
2018-01-19 00:00:00
alpinelinux
alpinelinux
CVE-2018-5764
2018-01-17 22:29:00
debiancve
debiancve
CVE-2018-5764
2018-01-17 22:29:00
redhatcve
redhatcve
CVE-2018-5764
2018-01-19 21:20:00
mageia
mageia
Updated rsync package fixes security vulnerability
2018-01-31 23:47:38
gentoo
gentoo
rsync: Arbitrary command execution
2018-05-08 00:00:00
ubuntucve
ubuntucve
CVE-2018-5764
2018-01-17 00:00:00
prion
prion
Design/Logic Flaw
2018-01-17 22:29:00
cve
cve
CVE-2018-5764
2018-01-17 22:29:00
nvd
nvd
CVE-2018-5764
2018-01-17 22:29:00
slackware
slackware
[slackware-security] rsync
2018-02-01 18:52:57
cloudfoundry
cloudfoundry
USN-3543-1: rsync vulnerabilities | Cloud Foundry
2018-03-01 00:00:00
ubuntu
ubuntu
rsync vulnerabilities
2018-01-23 00:00:00
rsync vulnerabilities
2018-01-23 00:00:00
archlinux
archlinux
[ASA-201801-21] rsync: multiple issues
2018-01-29 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-2.0-0041
2018-05-03 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-1.0-0132
2018-05-03 00:00:00
Important Photon OS Security Update - PHSA-2018-0041
2018-05-03 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1964
2021-07-02 18:04:47
ibm
ibm