Unrated severityNVD Advisory· Published Mar 30, 2011· Updated Apr 29, 2026
CVE-2011-1097
CVE-2011-1097
Description
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
Affected products
8cpe:2.3:a:samba:rsync:3.0.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:samba:rsync:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:rsync:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:rsync:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:rsync:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:rsync:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:rsync:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:rsync:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:samba:rsync:3.0.7:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
19- bugzilla.redhat.com/show_bug.cginvdPatch
- www.vupen.com/english/advisories/2011/0792nvdVendor Advisory
- www.vupen.com/english/advisories/2011/0793nvdVendor Advisory
- gitweb.samba.orgnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-April/057641.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-April/057736.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-April/057737.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.htmlnvd
- lists.samba.org/archive/rsync/2011-January/025988.htmlnvd
- marc.infonvd
- rsync.samba.org/ftp/rsync/src/rsync-3.0.8-NEWSnvd
- secunia.com/advisories/44071nvd
- secunia.com/advisories/44088nvd
- securitytracker.com/idnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2011-0390.htmlnvd
- www.vupen.com/english/advisories/2011/0873nvd
- www.vupen.com/english/advisories/2011/0876nvd
- bugzilla.samba.org/show_bug.cginvd
News mentions
0No linked articles in our index yet.