Total vulnerabilities in the database
rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.
| Software | From | Fixed in |
|---|---|---|
| rsync / rsync | 2.3.1 | 2.3.1.x |
| rsync / rsync | 2.3.2 | 2.3.2.x |
| rsync / rsync | 2.3.2_1.2alpha | 2.3.2_1.2alpha.x |
| rsync / rsync | 2.3.2_1.2arm | 2.3.2_1.2arm.x |
| rsync / rsync | 2.3.2_1.2intel | 2.3.2_1.2intel.x |
| rsync / rsync | 2.3.2_1.2m68k | 2.3.2_1.2m68k.x |
| rsync / rsync | 2.3.2_1.2ppc | 2.3.2_1.2ppc.x |
| rsync / rsync | 2.3.2_1.2sparc | 2.3.2_1.2sparc.x |
| rsync / rsync | 2.3.2_1.3 | 2.3.2_1.3.x |
| rsync / rsync | 2.4.0 | 2.4.0.x |
| rsync / rsync | 2.4.1 | 2.4.1.x |
| rsync / rsync | 2.4.3 | 2.4.3.x |
| rsync / rsync | 2.4.4 | 2.4.4.x |
| rsync / rsync | 2.4.5 | 2.4.5.x |
| rsync / rsync | 2.4.6 | 2.4.6.x |
| rsync / rsync | 2.4.8 | 2.4.8.x |
| rsync / rsync | 2.5.0 | 2.5.0.x |
| rsync / rsync | 2.5.1 | 2.5.1.x |
| rsync / rsync | 2.5.2 | 2.5.2.x |
| rsync / rsync | 2.5.3 | 2.5.3.x |
| rsync / rsync | 2.5.4 | 2.5.4.x |
| rsync / rsync | 2.5.5 | 2.5.5.x |
| rsync / rsync | 2.5.6 | 2.5.6.x |
| rsync / rsync | 2.5.7 | 2.5.7.x |
| rsync / rsync | 2.6 | 2.6.x |
| rsync / rsync | 2.6.1 | 2.6.1.x |
| rsync / rsync | 2.6.2 | 2.6.2.x |
| rsync / rsync | 2.6.5 | 2.6.5.x |
| rsync / rsync | 2.6.6 | 2.6.6.x |
| rsync / rsync | 2.6.7 | 2.6.7.x |
| rsync / rsync | 2.6.8 | 2.6.8.x |
| rsync / rsync | 2.6.9 | 2.6.9.x |