CVE: CVE-2002-0080

Descrizione: rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.

Vettore di attacco

Riferimenti esterni

• http://www.iss.net/security_center/static/8463.php
• http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-024.php3
• http://www.caldera.com/support/security/advisories/CSSA-2002-014.1.txt
• http://www.securityfocus.com/bid/4285
• http://www.redhat.com/support/errata/RHSA-2002-026.html

Prodotti interessati

• n/a – n/a

Relazioni con altri prodotti

Nessun prodotto trovato per il CVE: cve-2002-0080

Ulteriori risorse disponibili

• Vulnerabilità scoperte nello stesso anno (2002)