CVE-2004-0426

Published: Apr 30, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

GLSA-200407-10

vendor-advisory

x_refsource_GENTOO

oval:org.mitre.oval:def:967

vdb-entry

signature

x_refsource_OVAL

11523

third-party-advisory

x_refsource_SECUNIA

20040521 [OpenPKG-SA-2004.025] OpenPKG Security Advisory (rsync)

mailing-list

x_refsource_BUGTRAQ

rsync-write-files(16014)

vdb-entry

x_refsource_XF

11688

third-party-advisory

x_refsource_SECUNIA

11669

third-party-advisory

x_refsource_SECUNIA

O-134

third-party-advisory

government-resource

x_refsource_CIAC

RHSA-2004:192

vendor-advisory

x_refsource_REDHAT

12054

third-party-advisory

x_refsource_SECUNIA

11514

third-party-advisory

x_refsource_SECUNIA

11993

third-party-advisory

x_refsource_SECUNIA

http://rsync.samba.org/

x_refsource_CONFIRM

SSA:2004-124-01

vendor-advisory

x_refsource_SLACKWARE

MDKSA-2004:042

vendor-advisory

x_refsource_MANDRAKE

oval:org.mitre.oval:def:9495

vdb-entry

signature

x_refsource_OVAL

11537

third-party-advisory

x_refsource_SECUNIA

DSA-499

vendor-advisory

x_refsource_DEBIAN

11583

third-party-advisory

x_refsource_SECUNIA

O-212

third-party-advisory

government-resource

x_refsource_CIAC

10247

vdb-entry

x_refsource_BID

TSL-2004-0024

vendor-advisory

x_refsource_TRUSTIX

11515

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2004-0426

Description

Affected Products

References