CVE Vulnerabilities

CVE-2007-6199

Published: Dec 01, 2007 | Modified: Oct 15, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
LOW

rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the modules hierarchy.

Affected Software

Name Vendor Start Version End Version
Slackware_linux Slackware 8.1 (including) 8.1 (including)
Slackware_linux Slackware 9.0 (including) 9.0 (including)
Slackware_linux Slackware 9.1 (including) 9.1 (including)
Slackware_linux Slackware 10.0 (including) 10.0 (including)
Slackware_linux Slackware 10.1 (including) 10.1 (including)
Slackware_linux Slackware 10.2 (including) 10.2 (including)
Slackware_linux Slackware 11.0 (including) 11.0 (including)
Slackware_linux Slackware 12.0 (including) 12.0 (including)
Rsync Ubuntu dapper *
Rsync Ubuntu edgy *
Rsync Ubuntu feisty *
Rsync Ubuntu gutsy *
Rsync Ubuntu upstream *

References