CVE Vulnerabilities

CVE-2003-0962

Published: Dec 15, 2003 | Modified: May 03, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.

Affected Software

Name Vendor Start Version End Version
Rsync Andrew_tridgell 2.3.1 (including) 2.3.1 (including)
Rsync Andrew_tridgell 2.3.2 (including) 2.3.2 (including)
Rsync Andrew_tridgell 2.4.0 (including) 2.4.0 (including)
Rsync Andrew_tridgell 2.4.1 (including) 2.4.1 (including)
Rsync Andrew_tridgell 2.4.3 (including) 2.4.3 (including)
Rsync Andrew_tridgell 2.4.4 (including) 2.4.4 (including)
Rsync Andrew_tridgell 2.4.5 (including) 2.4.5 (including)
Rsync Andrew_tridgell 2.4.6 (including) 2.4.6 (including)
Rsync Andrew_tridgell 2.4.8 (including) 2.4.8 (including)
Rsync Andrew_tridgell 2.5.0 (including) 2.5.0 (including)
Rsync Andrew_tridgell 2.5.1 (including) 2.5.1 (including)
Rsync Andrew_tridgell 2.5.2 (including) 2.5.2 (including)
Rsync Andrew_tridgell 2.5.3 (including) 2.5.3 (including)
Rsync Andrew_tridgell 2.5.4 (including) 2.5.4 (including)
Rsync Andrew_tridgell 2.5.5 (including) 2.5.5 (including)
Rsync Andrew_tridgell 2.5.6 (including) 2.5.6 (including)
Rsync Redhat 2.4.6-2 (including) 2.4.6-2 (including)
Rsync Redhat 2.4.6-5 (including) 2.4.6-5 (including)
Rsync Redhat 2.5.4-2 (including) 2.5.4-2 (including)
Rsync Redhat 2.5.5-1 (including) 2.5.5-1 (including)
Rsync Redhat 2.5.5-4 (including) 2.5.5-4 (including)
Secure_community Engardelinux 1.0.1 (including) 1.0.1 (including)
Secure_community Engardelinux 2.0 (including) 2.0 (including)
Secure_linux Engardelinux 1.1 (including) 1.1 (including)
Secure_linux Engardelinux 1.2 (including) 1.2 (including)
Secure_linux Engardelinux 1.5 (including) 1.5 (including)
Red Hat Enterprise Linux 3 RedHat rsync-0:2.5.7-1 *
Red Hat Linux 7.1 RedHat *
Red Hat Linux 7.2 RedHat *
Red Hat Linux 7.3 RedHat *
Red Hat Linux 8.0 RedHat *
Red Hat Linux 9 RedHat *

References