CVE-2014-9512
published 2015-02-12CVE-2014-9512: rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.
medium6.4CVSS 3.1
AVNACLAuNCNIPAP
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos_catalina_10.15.6_security_update_2020-004_mojave_security_update_2020-004 | — | — |
| debian | rsync | < rsync 3.1.1-3 (bookworm) | rsync 3.1.1-3 (bookworm) |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| oracle | solaris | — | — |
| oracle | solaris | — | — |
| samba | rsync | — | — |
| samba | rsync | >= 0 < 3.1.1-3 | 3.1.1-3 |
| samba | rsync | >= 0 < 3.1.1-3 | 3.1.1-3 |
| samba | rsync | >= 0 < 3.1.1-3 | 3.1.1-3 |
| samba | rsync | >= 0 < 3.1.1-3 | 3.1.1-3 |
CVSS provenance
nvd6.4MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:P
osv6.4MEDIUM