CVE-2017-15994
published 2017-10-29CVE-2017-15994: rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions…
critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | rsync | — | — |
| samba | rsync | <= 3.1.2 | — |