Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Rsync | Andrew_tridgell | 2.3.1 | 2.3.1 |
Rsync | Andrew_tridgell | 2.3.2 | 2.3.2 |
Rsync | Andrew_tridgell | 2.4.0 | 2.4.0 |
Rsync | Andrew_tridgell | 2.4.1 | 2.4.1 |
Rsync | Andrew_tridgell | 2.4.3 | 2.4.3 |
Rsync | Andrew_tridgell | 2.4.4 | 2.4.4 |
Rsync | Andrew_tridgell | 2.4.5 | 2.4.5 |
Rsync | Andrew_tridgell | 2.4.6 | 2.4.6 |
Rsync | Andrew_tridgell | 2.4.8 | 2.4.8 |
Rsync | Andrew_tridgell | 2.5.0 | 2.5.0 |
Rsync | Andrew_tridgell | 2.5.1 | 2.5.1 |
Rsync | Andrew_tridgell | 2.5.2 | 2.5.2 |
Rsync | Andrew_tridgell | 2.5.3 | 2.5.3 |
Rsync | Andrew_tridgell | 2.5.4 | 2.5.4 |
Rsync | Andrew_tridgell | 2.5.5 | 2.5.5 |
Rsync | Andrew_tridgell | 2.5.6 | 2.5.6 |
Rsync | Redhat | 2.4.6-2 | 2.4.6-2 |
Rsync | Redhat | 2.4.6-5 | 2.4.6-5 |
Rsync | Redhat | 2.4.6-5 | 2.4.6-5 |
Rsync | Redhat | 2.5.4-2 | 2.5.4-2 |
Rsync | Redhat | 2.5.5-1 | 2.5.5-1 |
Rsync | Redhat | 2.5.5-4 | 2.5.5-4 |
Secure_community | Engardelinux | 1.0.1 | 1.0.1 |
Secure_community | Engardelinux | 2.0 | 2.0 |
Secure_linux | Engardelinux | 1.1 | 1.1 |
Secure_linux | Engardelinux | 1.2 | 1.2 |
Secure_linux | Engardelinux | 1.5 | 1.5 |
Red Hat Enterprise Linux 3 | RedHat | rsync-0:2.5.7-1 | * |