Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rsync rsync 2.3.2 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2002-0059
The decompression algorithm in zlib 1.1.3 and previous versions, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote malicious users to execute arbitrary code vi...
Zlib Zlib
NA
CVE-2012-2251
rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a (1) "-e" or (2) "--" command line option.
Pizzashack Rssh 2.3.2
NA
CVE-2012-2252
Incomplete blacklist vulnerability in rssh prior to 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option.
Pizzashack Rssh 2.2.2
Pizzashack Rssh 2.2.1
Pizzashack Rssh 2.0.0
Pizzashack Rssh 2.3.1
Pizzashack Rssh 2.3.0
Pizzashack Rssh 2.2.3
Pizzashack Rssh 2.0.2
Pizzashack Rssh 2.0.1
Pizzashack Rssh 2.1.0
Pizzashack Rssh 2.1.1
Pizzashack Rssh
Pizzashack Rssh 2.3.2
Pizzashack Rssh 2.0.4
Pizzashack Rssh 2.0.3
NA
CVE-2007-6199
rsync prior to 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote malicious users to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.
Rsync Rsync 2.3.2 1.2alpha
Rsync Rsync 2.3.2 1.2arm
Rsync Rsync 2.4.1
Rsync Rsync 2.4.3
Rsync Rsync 2.5.3
Rsync Rsync 2.5.4
Rsync Rsync 2.6.5
Rsync Rsync 2.6.6
Rsync Rsync 2.3.1
Rsync Rsync 2.3.2
Rsync Rsync 2.3.2 1.3
Rsync Rsync 2.4.0
Rsync Rsync 2.5.0
Rsync Rsync 2.5.1
Rsync Rsync 2.5.2
Rsync Rsync 2.6.1
Rsync Rsync 2.6.2
Rsync Rsync 2.3.2 1.2ppc
Rsync Rsync 2.3.2 1.2sparc
Rsync Rsync 2.4.6
Rsync Rsync 2.4.8
Rsync Rsync 2.5.7
NA
CVE-2007-6200
Unspecified vulnerability in rsync prior to 3.0.0pre6, when running a writable rsync daemon, allows remote malicious users to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options...
Rsync Rsync 2.3.2
Rsync Rsync 2.3.2 1.2alpha
Rsync Rsync 2.4.0
Rsync Rsync 2.4.1
Rsync Rsync 2.5.1
Rsync Rsync 2.5.2
Rsync Rsync 2.6.2
Rsync Rsync 2.3.2 1.2m68k
Rsync Rsync 2.3.2 1.2ppc
Rsync Rsync 2.4.5
Rsync Rsync 2.3.2 1.2arm
Rsync Rsync 2.3.2 1.2intel
Rsync Rsync 2.4.3
Rsync Rsync 2.4.4
Rsync Rsync 2.5.3
Rsync Rsync 2.5.4
Rsync Rsync 2.5.5
Rsync Rsync 2.6.6
Rsync Rsync 2.6.7
Rsync Rsync 2.3.1
Rsync Rsync 2.3.2 1.2sparc
Rsync Rsync 2.3.2 1.3
NA
CVE-2004-0792
Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and previous versions, when chroot is disabled, allows malicious users to read or write certain files.
Andrew Tridgell Rsync 2.3.2 1.2
Andrew Tridgell Rsync 2.4.6
Andrew Tridgell Rsync 2.4.8
Andrew Tridgell Rsync 2.5.7
Andrew Tridgell Rsync 2.6
Andrew Tridgell Rsync 2.4.1
Andrew Tridgell Rsync 2.4.3
Andrew Tridgell Rsync 2.5.3
Andrew Tridgell Rsync 2.5.4
Andrew Tridgell Rsync 2.3.1
Andrew Tridgell Rsync 2.3.2
Andrew Tridgell Rsync 2.3.2 1.3
Andrew Tridgell Rsync 2.4.0
Andrew Tridgell Rsync 2.5.0
Andrew Tridgell Rsync 2.5.1
Andrew Tridgell Rsync 2.5.2
Andrew Tridgell Rsync 2.6.1
Andrew Tridgell Rsync 2.6.2
Andrew Tridgell Rsync 2.4.4
Andrew Tridgell Rsync 2.4.5
Andrew Tridgell Rsync 2.5.5
Andrew Tridgell Rsync 2.5.6
NA
CVE-2003-0962
Heap-based buffer overflow in rsync prior to 2.5.7, when running in server mode, allows remote malicious users to execute arbitrary code and possibly escape the chroot jail.
Andrew Tridgell Rsync 2.4.4
Andrew Tridgell Rsync 2.4.5
Andrew Tridgell Rsync 2.5.5
Andrew Tridgell Rsync 2.5.6
Engardelinux Secure Community 1.0.1
Engardelinux Secure Community 2.0
Andrew Tridgell Rsync 2.4.1
Andrew Tridgell Rsync 2.4.3
Andrew Tridgell Rsync 2.5.2
Andrew Tridgell Rsync 2.5.3
Andrew Tridgell Rsync 2.5.4
Redhat Rsync 2.5.5-1
Redhat Rsync 2.5.5-4
Andrew Tridgell Rsync 2.3.1
Andrew Tridgell Rsync 2.4.6
Andrew Tridgell Rsync 2.4.8
Redhat Rsync 2.4.6-2
Redhat Rsync 2.4.6-5
Engardelinux Secure Linux 1.1
Engardelinux Secure Linux 1.2
Andrew Tridgell Rsync 2.3.2
Andrew Tridgell Rsync 2.4.0
NA
CVE-2002-0048
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote malicious users to cause a denial of service and execute arbitrary code in the rsync client or server.
Andrew Tridgell Rsync 2.3.1
Andrew Tridgell Rsync 2.3.2 1.2
Andrew Tridgell Rsync 2.4.1
Andrew Tridgell Rsync 2.3.2
Andrew Tridgell Rsync 2.4.3
Andrew Tridgell Rsync 2.4.4
Andrew Tridgell Rsync 2.4.6
Andrew Tridgell Rsync 2.5.0 1
Andrew Tridgell Rsync 2.5.1
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started