Ancestors

Written by Jan Schaumann on 2025-01-14 at 18:26

6 new CVEs in "rsync".

"In the most severe CVE, an attacker only requires anonymous read access to a rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on."

That would be CVE-2024-12084 (9.8) AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, a heap-based buffer overflow in rsyncd.

https://www.openwall.com/lists/oss-security/2025/01/14/3

=> More informations about this toot | More toots from jschauma@mstdn.social

Toot

Written by SpaceLifeForm on 2025-01-14 at 20:11

@jschauma

Nasty. Clever.

=> More informations about this toot | More toots from SpaceLifeForm@infosec.exchange

Descendants

Proxy Information

Original URL: gemini://mastogem.picasoft.net/thread/113828528927380983
Status Code: Success (20)
Meta: text/gemini
Capsule Response Time: 255.717227 milliseconds
Gemini-to-HTML Time: 0.553983 milliseconds

This content has been proxied by September (ba2dc).