CVE-2002-0080 | Date: (C)2002-03-15 (M)2023-12-22 |
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V2 Severity: |
CVSS Score : 2.1 |
Exploit Score: 3.9 |
Impact Score: 2.9 |
|
CVSS V2 Metrics: |
Access Vector: LOCAL |
Access Complexity: LOW |
Authentication: NONE |
Confidentiality: PARTIAL |
Integrity: NONE |
Availability: NONE |
| |