Known Vulnerabilities for Rsync by Samba
Listed below are 10 of the newest known vulnerabilities associated with "Rsync" by "Samba".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-14387 | A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerabilit... | 7.4 - HIGH | 2021-05-27 | 2021-06-09 |
| CVE-2018-5764 | The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, whic... | 7.5 - HIGH | 2018-01-17 | 2023-11-07 |
| CVE-2017-17434 | The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filte... | 9.8 - CRITICAL | 2017-12-06 | 2023-11-07 |
| CVE-2017-17433 | The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with ce... | 3.7 - LOW | 2017-12-06 | 2023-11-07 |
| CVE-2017-16548 | The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in a... | 9.8 - CRITICAL | 2017-11-06 | 2023-11-07 |
| CVE-2017-15994 | rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass ... | 9.8 - CRITICAL | 2017-10-29 | 2023-11-07 |
| CVE-2014-9512 | rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path. | 6.4 - MEDIUM | 2015-02-12 | 2020-07-28 |
| CVE-2014-2855 | The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (... | 7.8 - HIGH | 2014-04-23 | 2023-11-07 |
| CVE-2011-1097 | rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to caus... | 5.1 - MEDIUM | 2011-03-30 | 2023-02-13 |
| CVE-2008-1720 | Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to exe... | 7.5 - HIGH | 2008-04-10 | 2023-02-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Samba | Rsync | 3.1.3 | All | All | All |
| Application | Samba | Rsync | 3.1.3 | - | All | All |
| Application | Samba | Rsync | 3.1.3 | pre1 | All | All |
| Application | Samba | Rsync | 3.1.2 | All | All | All |
| Application | Samba | Rsync | 3.1.2 | - | All | All |
| Application | Samba | Rsync | 3.1.2 | pre1 | All | All |
| Application | Samba | Rsync | 3.1.1 | All | All | All |
| Application | Samba | Rsync | 3.1.1 | - | All | All |
| Application | Samba | Rsync | 3.1.1 | pre1 | All | All |
| Application | Samba | Rsync | 3.1.1 | pre2 | All | All |
| Application | Samba | Rsync | 3.1.0 | All | All | All |
| Application | Samba | Rsync | 3.1.0 | - | All | All |
| Application | Samba | Rsync | 3.1.0 | pre1 | All | All |
| Application | Samba | Rsync | 3.0.9 | All | All | All |
| Application | Samba | Rsync | 3.0.9 | - | All | All |
| Application | Samba | Rsync | 3.0.9 | pre1 | All | All |
| Application | Samba | Rsync | 3.0.9 | pre2 | All | All |
| Application | Samba | Rsync | 3.0.8 | All | All | All |
| Application | Samba | Rsync | 3.0.8 | - | All | All |
| Application | Samba | Rsync | 3.0.8 | pre1 | All | All |