Описание
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.0 (исключая)
cpe:2.3:a:librsync_project:librsync:*:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02282
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
ubuntu
больше 10 лет назад
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack.
debian
больше 10 лет назад
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, w ...
github
больше 3 лет назад
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack.
EPSS
Процентиль: 84%
0.02282
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-310