Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2017-16548

Disclosure Date: November 06, 2017 (last updated November 08, 2023)
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon.

This site uses cookies for anonymized analytics. For more information or to change your cookie settings, view our Cookie Policy.