SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2014-9512

Date: (C)2015-02-13 (M)2023-12-22

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.4
Exploit Score: 10.0
Impact Score: 4.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: PARTIAL

Reference:

SECTRACK-1034786

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

http://xteam.baidu.com/?p=169

https://bugzilla.samba.org/show_bug.cgi?id=10977

https://support.apple.com/kb/HT211168

https://support.apple.com/kb/HT211170

https://support.apple.com/kb/HT211171

https://support.apple.com/kb/HT211175

https://support.apple.com/kb/HT211289

openSUSE-SU-2015:0249

openSUSE-SU-2016:1671

openSUSE-SU-2016:1695

cpe:/o:opensuse:opensuse:13.1

oval:org.secpod.oval:def:702941
oval:org.secpod.oval:def:89045202
oval:org.secpod.oval:def:65738
oval:org.secpod.oval:def:89045189
...

© SecPod Technologies