rpm package
suse/rsync&distro=SUSE Linux Enterprise Server 11 SP3
pkg:rpm/suse/rsync&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-8242 | — | < 3.0.4-2.49.1 | 3.0.4-2.49.1 | Oct 26, 2015 | librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack. | ||
| CVE-2014-9512 | — | < 3.0.4-2.49.1 | 3.0.4-2.49.1 | Feb 12, 2015 | rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path. |
- CVE-2014-8242Oct 26, 2015affected < 3.0.4-2.49.1fixed 3.0.4-2.49.1
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack.
- CVE-2014-9512Feb 12, 2015affected < 3.0.4-2.49.1fixed 3.0.4-2.49.1
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.