CVE-2006-2083
published 2006-04-28CVE-2006-2083: Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| andrew_tridgell | rsync | — | — |
| andrew_tridgell | rsync | — | — |
| andrew_tridgell | rsync | — | — |
| andrew_tridgell | rsync | — | — |
| andrew_tridgell | rsync | — | — |
| andrew_tridgell | rsync | — | — |
| andrew_tridgell | rsync | — | — |
| andrew_tridgell | rsync | — | — |
| debian | rsync | < rsync 2.6.8-1 (bookworm) | rsync 2.6.8-1 (bookworm) |
| samba | rsync | >= 0 < 2.6.8-1 | 2.6.8-1 |
| samba | rsync | >= 0 < 2.6.8-1 | 2.6.8-1 |
| samba | rsync | >= 0 < 2.6.8-1 | 2.6.8-1 |
| samba | rsync | >= 0 < 2.6.8-1 | 2.6.8-1 |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH