rcp
by Linux
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0767 | 0.03 | — | 0.01 | Sep 8, 1999 | Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. | |||
| CVE-2019-7283 | 0.00 | — | 0.00 | Jan 31, 2019 | An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server (or Man-in-The-Middle… | |||
| CVE-1999-1299 | 0.00 | — | 0.00 | Feb 3, 1997 | rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. |
- CVE-1999-0767Sep 8, 1999risk 0.03cvss —epss 0.01
Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.
- CVE-2019-7283Jan 31, 2019risk 0.00cvss —epss 0.00
An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server (or Man-in-The-Middle…
- CVE-1999-1299Feb 3, 1997risk 0.00cvss —epss 0.00
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.