Описание
The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 3.1.2-2ubuntu0.1 |
| devel | not-affected | 3.1.2-2.1 |
| esm-infra-legacy/trusty | released | 3.1.0-2ubuntu0.3 |
| esm-infra/xenial | released | 3.1.1-3ubuntu1.1 |
| precise/esm | not-affected | 3.0.9-1ubuntu1.2 |
| trusty | released | 3.1.0-2ubuntu0.3 |
| trusty/esm | released | 3.1.0-2ubuntu0.3 |
| upstream | needs-triage | |
| xenial | released | 3.1.1-3ubuntu1.1 |
| zesty | released | 3.1.2-1ubuntu0.1 |
Показывать по
4.3 Medium
CVSS2
3.7 Low
CVSS3
Связанные уязвимости
The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions.
The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions.
The recv_files function in receiver.c in the daemon in rsync 3.1.2, an ...
The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions.
Уязвимость функции recv_files в receiver.c утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю оказать воздействие на целостность данных
4.3 Medium
CVSS2
3.7 Low
CVSS3