Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

11 – 20 of 26 results

CVE-2017-15994

Low priority
Ignored

rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync...

1 affected packages

rsync

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsync Not affected Not affected
Show less packages

CVE-2016-9843

Low priority

Some fixes available 15 of 21

The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.

3 affected packages

klibc, rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
klibc Needs evaluation Not affected Not affected Not affected Not affected
rsync Fixed Fixed Fixed Fixed Fixed
zlib Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2016-9842

Low priority

Some fixes available 15 of 21

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.

3 affected packages

klibc, rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
klibc Needs evaluation Not affected Not affected Not affected Not affected
rsync Fixed Fixed Fixed Fixed Fixed
zlib Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2016-9841

Low priority

Some fixes available 23 of 27

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

3 affected packages

klibc, rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
klibc Fixed Fixed Fixed Fixed Fixed
rsync Fixed Fixed Fixed Fixed Fixed
zlib Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2016-9840

Low priority

Some fixes available 23 of 27

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

3 affected packages

klibc, rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
klibc Fixed Fixed Fixed Fixed Fixed
rsync Fixed Fixed Fixed Fixed Fixed
zlib Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2014-8242

Low priority
Vulnerable

librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack.

1 affected packages

librsync

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
librsync Not affected Not affected Not affected Vulnerable Vulnerable
Show less packages

CVE-2014-9512

Medium priority

Some fixes available 4 of 6

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.

1 affected packages

rsync

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsync
Show less packages

CVE-2014-2855

Medium priority
Fixed

The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file.

1 affected packages

rsync

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsync
Show less packages

CVE-2011-1097

Medium priority
Fixed

rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code...

1 affected packages

rsync

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsync
Show less packages

CVE-2008-5150

Negligible priority
Vulnerable

sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-*.#####.log temporary file.

1 affected packages

maildirsync

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
maildirsync Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. Next page
Export to JSON