Unrated severityNVD Advisory· Published Mar 15, 2002· Updated Apr 16, 2026

CVE-2002-0080

Description

rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.

Affected products

Samba (software)/Rsync
cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:*
Range: <2.5.3
Red Hat/Linux4 versions
cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.redhat.com/support/errata/RHSA-2002-026.htmlnvdPatchThird Party Advisory
www.securityfocus.com/bid/4285nvdThird Party AdvisoryVDB Entry
www.caldera.com/support/security/advisories/CSSA-2002-014.1.txtnvdBroken Link
www.iss.net/security_center/static/8463.phpnvdBroken Link
www.linux-mandrake.com/en/security/2002/MDKSA-2002-024.php3nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000