VDB
CVE-2002-0048
CVE-2002-0048
PUBLISHED
CVSS 10 CRITICAL
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
EPSS 81.76% · 99.2th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
81.76%
99.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| andrew_tridgell | rsync | 2.5.1, 2.3.1, 2.3.2 |
| n/a | n/a | n/a |
Exploit Intelligence
- 3958 (circl)
- 20020128 TSLSA-2002-0025 - rsync (circl)
- ESA-20020125-004 (circl)
- 20020127 rsync-2.5.2 has security fix (was: Re: [RHSA-2002:018-05] New rsync packages available) (circl)
- CLA-2002:458 (circl)
- VU#800635 (circl)
- DSA-106 (circl)
- SuSE-SA:2002:004 (circl)
- CSSA-2002-003.0 (circl)
- linux-rsync-root-access(7993) (circl)
…and 4 more exploits
Timeline
- Feb 18, 2002 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 26, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- 3958 vdb
- 20020128 TSLSA-2002-0025 - rsync mailing-list
- ESA-20020125-004 vendor-advisory
- 20020127 rsync-2.5.2 has security fix (was: Re: [RHSA-2002:018-05] New rsync packages available) mailing-list
- CLA-2002:458 vendor-advisory
- VU#800635 third-party-advisory
- DSA-106 vendor-advisory
- SuSE-SA:2002:004 vendor-advisory
- CSSA-2002-003.0 vendor-advisory
- linux-rsync-root-access(7993) vdb
- RHSA-2002:018 vendor-advisory
- FreeBSD-SA-02:10 vendor-advisory
- HPSBTL0201-022 vendor-advisory
- MDKSA-2002:009 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2002-0048 advisory