Unrated severityNVD Advisory· Published Oct 20, 2004· Updated Apr 16, 2026
CVE-2004-0792
CVE-2004-0792
Description
Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.
Affected products
27cpe:2.3:a:andrew_tridgell:rsync:2.3.1:*:*:*:*:*:*:*+ 26 more
- cpe:2.3:a:andrew_tridgell:rsync:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:alpha:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:arm:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:intel:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:m68k:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:ppc:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:sparc:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.3:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:andrew_tridgell:rsync:2.6.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.debian.org/security/2004/dsa-538nvdPatchVendor Advisory
- www.gentoo.org/security/en/glsa/glsa-200408-17.xmlnvdPatchVendor Advisory
- marc.infonvd
- marc.infonvd
- samba.org/rsync/nvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2004_26_rsync.htmlnvd
- www.trustix.net/errata/2004/0042/nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10561nvd
News mentions
0No linked articles in our index yet.