Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-16548 | 7.5 |
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash)
|
01-05-2020 - 14:14 | 06-11-2017 - 05:29 | |
CVE-2017-17433 | 4.3 |
The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote atta
|
03-10-2019 - 00:03 | 06-12-2017 - 03:29 | |
CVE-2017-17434 | 7.5 |
The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechan
|
03-10-2019 - 00:03 | 06-12-2017 - 03:29 |