漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
rsync 输入验证错误漏洞
Vulnerability Description
rsync是Wayne Davison个人开发者的一个提供快速增量文件传输的开源实用程序。 rsync 3.2.5之前版本存在安全漏洞,该漏洞源于rsync 客户端对文件名的验证不足。
CVSS Information
N/A
Vulnerability Type
N/A