Back to search
CVE-2014-8990
Published: Dec 5, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
62321
third-party-advisory
x_refsource_SECUNIA
FEDORA-2014-15373
vendor-advisory
x_refsource_FEDORA
[oss-security] 20141119 CVE request: lsyncd command injection
mailing-list
x_refsource_MLIST
https://github.com/axkibe/lsyncd/issues/220
x_refsource_CONFIRM
71179
vdb-entry
x_refsource_BID
FEDORA-2014-15393
vendor-advisory
x_refsource_FEDORA
DSA-3130
vendor-advisory
x_refsource_DEBIAN
[oss-security] 20141120 Re: CVE request: lsyncd command injection
mailing-list
x_refsource_MLIST
GLSA-201702-05
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now