CVE-2007-4091
published 2007-08-16CVE-2007-4091: Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | rsync | < rsync 2.6.9-5 (bookworm) | rsync 2.6.9-5 (bookworm) |
| rsync | rsync | — | — |
| samba | rsync | >= 0 < 2.6.9-5 | 2.6.9-5 |
| samba | rsync | >= 0 < 2.6.9-5 | 2.6.9-5 |
| samba | rsync | >= 0 < 2.6.9-5 | 2.6.9-5 |
| samba | rsync | >= 0 < 2.6.9-5 | 2.6.9-5 |
CVSS provenance
nvd6.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM