Tag: rsync

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.

 

Timeline

January 5, 2015	MITRE reserved CVE
February 12, 2015	NVD published advisory

Authority references

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9512
• http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9512

Vendor & other references

• https://bugzilla.samba.org/show_bug.cgi?id=10977
• http://xteam.baidu.com/?p=169
• http://lists.opensuse.org/opensuse-updates/2015-02/msg00041.html