CVE-2004-0792 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2004-0792
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-0792

Description: Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.

CVE Status: Candidate

References: TRUSTIX http://www.trustix.net/errata/2004/0042/ SUSE http://www.novell.com/linux/security/advisories/2004_26_rsync.html MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:083 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200408-17.xml DEBIAN http://www.debian.org/security/2004/dsa-538 CONFIRM http://samba.org/rsync/#security_aug04 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=109268147522290&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=109277141223839&w=2

Return to the previous page.