CVE-2017-8805

Published: Oct 17, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

Debian ftpsync before 20171017 does not use the rsync --safe-links option, which allows remote attackers to conduct directory traversal attacks via a crafted upstream mirror.

Vendor	Product	Versions
n/a	Debian ftpsync before 20171017	affected `Debian ftpsync before 20171017`

References

http://www.openwall.com/lists/oss-security/2017/10/17/2

x_refsource_CONFIRM

https://lists.debian.org/debian-mirrors/2017/10/msg00017.html

x_refsource_CONFIRM

https://anonscm.debian.org/cgit/mirror/archvsync.git/commit/?id=d1ca2ab2210990b6dfb664cd6776a41b71c48016

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-8805

Description

Affected Products

References