Potential File Write Vulnerability in rsync by Samba
CVE-2014-9512

Currently unrated

Key Information:

Vendor: Samba
Status: Rsync; Opensuse
Vendor: CVE Published:; 12 February 2015

What is CVE-2014-9512?

The vulnerability in rsync version 3.1.1 allows remote attackers to manipulate file synchronization processes. By leveraging a symlink attack, an attacker can gain the ability to write to arbitrary files within the synchronization path. This potential exploit can lead to unauthorized data modification or loss, posing serious risks to system integrity. Users are advised to update their rsync installations to mitigate this risk.

References

http://www.securitytracker.com/id/1034786

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/76093

vdb-entryx_refsource_BID

https://security.gentoo.org/glsa/201605-04

vendor-advisoryx_refsource_GENTOO

EPSS Score

8% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2015
Vulnerability Reserved
Jan 5, 2015