CVE-2004-0426

EPSS 3.4%

rsync - directory traversal

發布日:2004/7/7修改日:2026/4/28

也稱為:DEBIAN-CVE-2004-0426

描述

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.

受影響套件(2)

Debian/rsyncfrom 0, < 2.6.1-1
Debian/rsyncfrom 0, < 2.5.5-0.5

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-0426