Lsyncd 'default-rsyncssh.lua' Remote Command Injection Vulnerability

Bugtraq ID: 71179
Class: Input Validation Error
CVE: CVE-2014-8990
Remote: Yes
Local: No
Published: Nov 19 2014 12:00AM
Updated: Mar 07 2017 04:01AM
Credit: ckowarzik
Vulnerable: Lsyncd Lsyncd 2.0.7
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus