CVE

Id
4442  
CVE No.
CVE-2002-0048  
Status
Candidate  
Description
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.  
Phase
Modified (20050510)  
Votes
ACCEPT(4) Baker, Cole, Green, Wall | MODIFY(1) Frech | NOOP(2) Christey, Foat  
Comments
Frech> XF:linux-rsync-root-access(7993) | Christey> CALDERA:CSSA-2002-003.0 | Christey> Consider adding BID:3958  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
21475 4442 CVE-2002-0048 SUSE:SuSE-SA:2002:004  View
21476 4442 CVE-2002-0048 URL:http://lists.suse.com/archives/suse-security-announce/2002-Jan/0003.html  View
21477 4442 CVE-2002-0048 DEBIAN:DSA-106  View
21478 4442 CVE-2002-0048 URL:http://www.debian.org/security/2002/dsa-106  View
21479 4442 CVE-2002-0048 MANDRAKE:MDKSA-2002:009  View
21480 4442 CVE-2002-0048 URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-009.php  View
21481 4442 CVE-2002-0048 REDHAT:RHSA-2002:018  View
21482 4442 CVE-2002-0048 URL:http://www.redhat.com/support/errata/RHSA-2002-018.html  View
21483 4442 CVE-2002-0048 BUGTRAQ:20020128 TSLSA-2002-0025 - rsync  View
21484 4442 CVE-2002-0048 URL:http://marc.info/?l=bugtraq&m=101223214906963&w=2  View
21485 4442 CVE-2002-0048 BUGTRAQ:20020127 rsync-2.5.2 has security fix (was: Re: [RHSA-2002:018-05] New rsync packages available)  View
21486 4442 CVE-2002-0048 URL:http://marc.info/?l=bugtraq&m=101223603321315&w=2  View
21487 4442 CVE-2002-0048 CONECTIVA:CLA-2002:458  View
21488 4442 CVE-2002-0048 URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000458  View
21489 4442 CVE-2002-0048 ENGARDE:ESA-20020125-004  View
21490 4442 CVE-2002-0048 URL:http://www.linuxsecurity.com/advisories/other_advisory-1853.html  View
21491 4442 CVE-2002-0048 CALDERA:CSSA-2002-003.0  View
21492 4442 CVE-2002-0048 URL:http://www.caldera.com/support/security/advisories/CSSA-2002-003.0.txt  View
21493 4442 CVE-2002-0048 FREEBSD:FreeBSD-SA-02:10  View
21494 4442 CVE-2002-0048 URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:10.rsync.asc  View
21495 4442 CVE-2002-0048 HP:HPSBTL0201-022  View
21496 4442 CVE-2002-0048 URL:http://online.securityfocus.com/advisories/3839  View
21497 4442 CVE-2002-0048 CERT-VN:VU#800635  View
21498 4442 CVE-2002-0048 URL:http://www.kb.cert.org/vuls/id/800635  View
21499 4442 CVE-2002-0048 XF:linux-rsync-root-access(7993)  View
21500 4442 CVE-2002-0048 URL:http://www.iss.net/security_center/static/7993.php  View
21501 4442 CVE-2002-0048 BID:3958  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
63694 JVNDB-2002-000021 rsync の入出力機能に任意のコードを実行される脆弱性 rsync において、入出力関連の関数に問題があり、 array index に signed value が使用されている場合に、 rsync は任意のメモリ領域に NULL バイト文字の書き込みを許可する脆弱性が存在します。 CVE-2002-0048 4442 10 http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000021.html  View