Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-6199

Опубликовано: 01 дек. 2007
Источник: nvd
CVSS2: 9.3
EPSS Низкий

Описание

rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:12.0:*:*:*:*:*:*:*

Одно из

cpe:2.3:a:rsync:rsync:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.3.2_1.2alpha:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.3.2_1.2arm:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.3.2_1.2intel:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.3.2_1.2m68k:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.3.2_1.2ppc:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.3.2_1.2sparc:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.3.2_1.3:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.5.7:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.6:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.6.7:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.6.8:*:*:*:*:*:*:*
cpe:2.3:a:rsync:rsync:2.6.9:*:*:*:*:*:*:*

EPSS

Процентиль: 90%
0.05819
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-16

Связанные уязвимости

ubuntu логотип

CVE-2007-6199

ubuntu
почти 18 лет назад

rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.

redhat логотип

CVE-2007-6199

redhat
почти 18 лет назад

rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.

debian логотип

CVE-2007-6199

debian
почти 18 лет назад

rsync before 3.0.0pre6, when running a writable rsync daemon that is n ...

github логотип

GHSA-r5c5-5849-8rr9

github
больше 3 лет назад

rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.

EPSS

Процентиль: 90%
0.05819
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-16