CVE-2004-0792
EPSS 0.78%rsync - unauthorised directory traversal and file access
Published: 10/20/2004Modified: 4/28/2026
Description
Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.
Affected packages (2)
- Debian/rsyncfrom 0, < 2.6.2-3
- Debian/rsyncfrom 0, < 2.5.5-0.6