[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2002-0048Date: (C)2002-02-27   (M)2023-12-22


Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
http://marc.info/?l=bugtraq&m=101223603321315&w=2
http://marc.info/?l=bugtraq&m=101223214906963&w=2
BID-3958
CLA-2002:458
CSSA-2002-003.0
DSA-106
ESA-20020125-004
FreeBSD-SA-02:10
HPSBTL0201-022
MDKSA-2002:009
RHSA-2002:018
SuSE-SA:2002:004
VU#800635
linux-rsync-root-access(7993)

© SecPod Technologies