rsync Signed Array Index Remote Code Execution Vulnerability

Bugtraq ID: 3958
Class: Access Validation Error
CVE: CVE-2002-0048
Remote: Yes
Local: No
Published: Jan 25 2002 12:00AM
Updated: Jul 11 2009 09:56AM
Credit: The discovery of this vulnerability has been credited to Sebastian Krahmer <krahmer@suse.de>.
Vulnerable: rsync rsync 2.5.1
rsync rsync 2.4.8
rsync rsync 2.4.6
rsync rsync 2.4.4
rsync rsync 2.4.3
rsync rsync 2.4.1
rsync rsync 2.3.2 -1.2 sparc
rsync rsync 2.3.2 -1.2 PPC
rsync rsync 2.3.2 -1.2 m68k
rsync rsync 2.3.2 -1.2 intel
rsync rsync 2.3.2 -1.2 ARM
rsync rsync 2.3.2 -1.2 alpha
rsync rsync 2.3.2
rsync rsync 2.3.1
Not Vulnerable: rsync rsync 2.5.2
rsync rsync 2.5 .0
rsync rsync 2.4.5
rsync rsync 2.3.2 -1.3


 

Privacy Statement
Copyright 2010, SecurityFocus