Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.1.2.2020.1257 |
Categoría: | Huawei EulerOS Local Security Checks |
Título: | Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2020-1257) |
Resumen: | The remote host is missing an update for the Huawei EulerOS 'rsync' package(s) announced via the EulerOS-SA-2020-1257 advisory. |
Descripción: | Summary: The remote host is missing an update for the Huawei EulerOS 'rsync' package(s) announced via the EulerOS-SA-2020-1257 advisory. Vulnerability Insight: The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions.(CVE-2017-17433) rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.(CVE-2017-15994) Affected Software/OS: 'rsync' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-15994 Common Vulnerability Exposure (CVE) ID: CVE-2017-17433 |
Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |