DEBIAN-CVE-2007-6199

DEBIAN-CVE-2007-6199 PUBLISHED

rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.

Affected Products

Vendor	Product	Versions
Debian:11	rsync	0, 0, 0
Debian:12	rsync	0, 0, 0
Debian:14	rsync	0, 0, 0
Debian:13	rsync	0, 0, 0

Timeline

Dec 1, 2007 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2007-6199 advisory

Open in Interactive Console →