rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
CVSS Score
5.1
EPSS Score
0.024
Published
2011-03-30
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.
CVSS Score
7.5
EPSS Score
0.084
Published
2008-04-10
Page 2