Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.
Software | From | Fixed in |
---|---|---|
andrew_tridgell / rsync | 2.3.1 | 2.3.1.x |
andrew_tridgell / rsync | 2.3.2 | 2.3.2.x |
andrew_tridgell / rsync | 2.3.2_1.2 | 2.3.2_1.2.x |
andrew_tridgell / rsync | 2.3.2_1.3 | 2.3.2_1.3.x |
andrew_tridgell / rsync | 2.4.0 | 2.4.0.x |
andrew_tridgell / rsync | 2.4.1 | 2.4.1.x |
andrew_tridgell / rsync | 2.4.3 | 2.4.3.x |
andrew_tridgell / rsync | 2.4.4 | 2.4.4.x |
andrew_tridgell / rsync | 2.4.5 | 2.4.5.x |
andrew_tridgell / rsync | 2.4.6 | 2.4.6.x |
andrew_tridgell / rsync | 2.4.8 | 2.4.8.x |
andrew_tridgell / rsync | 2.5.0 | 2.5.0.x |
andrew_tridgell / rsync | 2.5.1 | 2.5.1.x |
andrew_tridgell / rsync | 2.5.2 | 2.5.2.x |
andrew_tridgell / rsync | 2.5.3 | 2.5.3.x |
andrew_tridgell / rsync | 2.5.4 | 2.5.4.x |
andrew_tridgell / rsync | 2.5.5 | 2.5.5.x |
andrew_tridgell / rsync | 2.5.6 | 2.5.6.x |
andrew_tridgell / rsync | 2.5.7 | 2.5.7.x |
andrew_tridgell / rsync | 2.6 | 2.6.x |
andrew_tridgell / rsync | 2.6.1 | 2.6.1.x |
andrew_tridgell / rsync | 2.6.2 | 2.6.2.x |