Multiple Off-by-One Errors in Rsync Affecting Directory Handling
CVE-2007-4091

Currently unrated

Key Information:

Vendor

Rsync

Status
Rsync
Vendor
CVE Published:
16 August 2007

What is CVE-2007-4091?

Rsync version 2.6.9 has multiple off-by-one errors in the sender.c file that could be exploited by remote attackers. By leveraging specifically crafted directory names during function calls to f_name, attackers may execute arbitrary code. This vulnerability emphasizes the need for cautious handling of directory input to mitigate potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/27896
third-party-advisoryx_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200709-13.xml
vendor-advisoryx_refsource_GENTOO
http://secunia.com/advisories/26822
third-party-advisoryx_refsource_SECUNIA

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.