CVE-2017-15994

rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.
Configurations

Configuration 1 (hide)

cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:*

History

07 Nov 2023, 02:40

Type Values Removed Values Added
References
  • {'url': 'https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b', 'name': 'https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b', 'tags': ['Issue Tracking', 'Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55', 'name': 'https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55', 'tags': ['Issue Tracking', 'Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3', 'name': 'https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3', 'tags': ['Issue Tracking', 'Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • () https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=9a480deec4d20277d8e20bc55515ef0640ca1e55 -
  • () https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3 -
  • () https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=c252546ceeb0925eb8a4061315e3ff0a8c55b48b -

Information

Published : 2017-10-29 06:29

Updated : 2024-02-28 16:04


NVD link : CVE-2017-15994

Mitre link : CVE-2017-15994

CVE.ORG link : CVE-2017-15994


JSON object : View

Products Affected

samba

  • rsync
CWE
CWE-354

Improper Validation of Integrity Check Value