Total vulnerabilities in the database
The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file.
| Software | From | Fixed in |
|---|---|---|
| samba / rsync | 2.7.8 | 2.7.8.x |
| samba / rsync | 3.0.5 | 3.0.5.x |
| samba / rsync | 2.6.9 | 2.6.9.x |
| samba / rsync | 2.7.1 | 2.7.1.x |
| samba / rsync | 2.7.9 | 2.7.9.x |
| samba / rsync | 3.0.0 | 3.0.0.x |
| samba / rsync | 2.8.9 | 2.8.9.x |
| samba / rsync | 2.7.7 | 2.7.7.x |
| samba / rsync | 2.7.4 | 2.7.4.x |
| samba / rsync | 3.0.8 | 3.0.8.x |
| samba / rsync | 2.8.2 | 2.8.2.x |
| samba / rsync | 2.7.3 | 2.7.3.x |
| samba / rsync | 2.9.9 | 2.9.9.x |
| samba / rsync | 2.9.8 | 2.9.8.x |
| samba / rsync | 3.0.9 | 3.0.9.x |
| samba / rsync | 2.8.7 | 2.8.7.x |
| samba / rsync | 2.9.6 | 2.9.6.x |
| samba / rsync | 3.0.3 | 3.0.3.x |
| samba / rsync | 3.0.2 | 3.0.2.x |
| samba / rsync | 2.9.3 | 2.9.3.x |
| samba / rsync | 2.8.4 | 2.8.4.x |
| samba / rsync | 2.8.1 | 2.8.1.x |
| samba / rsync | - | 3.1.0.x |
| samba / rsync | 2.9.0 | 2.9.0.x |
| samba / rsync | 2.8.8 | 2.8.8.x |
| samba / rsync | 2.8.5 | 2.8.5.x |
| samba / rsync | 3.0.7 | 3.0.7.x |
| samba / rsync | 2.7.2 | 2.7.2.x |
| samba / rsync | 2.9.7 | 2.9.7.x |
| samba / rsync | 2.9.2 | 2.9.2.x |
| samba / rsync | 2.9.1 | 2.9.1.x |
| samba / rsync | 2.7.5 | 2.7.5.x |
| samba / rsync | 2.9.5 | 2.9.5.x |
| samba / rsync | 2.8.6 | 2.8.6.x |
| samba / rsync | 3.0.4 | 3.0.4.x |
| samba / rsync | 2.7.6 | 2.7.6.x |
| samba / rsync | 2.9.4 | 2.9.4.x |
| samba / rsync | 2.8.0 | 2.8.0.x |
| samba / rsync | 2.8.3 | 2.8.3.x |
| samba / rsync | 3.0.1 | 3.0.1.x |
| samba / rsync | 2.7.0 | 2.7.0.x |
| samba / rsync | 3.0.6 | 3.0.6.x |