High severity7.5NVD Advisory· Published Jan 17, 2018· Updated Jun 17, 2026
CVE-2018-5764
CVE-2018-5764
Description
The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- osv-coords10 versionspkg:rpm/opensuse/rsync&distro=openSUSE%20Tumbleweedpkg:rpm/suse/rsync&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/rsync&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/rsync&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/rsync&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/rsync&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/rsync&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/rsync&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/rsync&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/rsync&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
< 3.2.3-2.6+ 9 more
- (no CPE)range: < 3.2.3-2.6
- (no CPE)range: < 3.1.0-13.10.1
- (no CPE)range: < 3.1.0-13.10.1
- (no CPE)range: < 3.0.4-2.53.6.1
- (no CPE)range: < 3.1.0-13.10.1
- (no CPE)range: < 3.1.0-13.10.1
- (no CPE)range: < 3.1.0-13.10.1
- (no CPE)range: < 3.0.4-2.53.6.1
- (no CPE)range: < 3.1.0-13.10.1
- (no CPE)range: < 3.1.0-13.10.1
Patches
Vulnerability mechanics
References
9- www.securityfocus.com/bid/102803nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1040276nvdThird Party AdvisoryVDB Entry
- download.samba.org/pub/rsync/src-previews/rsync-3.1.3pre1-NEWSnvdRelease NotesVendor Advisory
- lists.debian.org/debian-lts-announce/2018/01/msg00021.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2019/03/msg00027.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2021/11/msg00028.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/201805-04nvdThird Party Advisory
- usn.ubuntu.com/3543-1/nvdThird Party Advisory
- git.samba.org/rsync.git/nvd
News mentions
0No linked articles in our index yet.