CVE-2002-0080
First published: Fri Mar 15 2002(Updated: )
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samba Rsync | <2.5.3 | |
| Redhat Linux | =7.0 | |
| Redhat Linux | =7.2 | |
| Redhat Linux | =6.2 | |
| Redhat Linux | =7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/samba
- canonical/samba rsync
- vendor/redhat
- canonical/redhat linux
- version/redhat linux/7.0
- version/redhat linux/7.2
- version/redhat linux/6.2
- version/redhat linux/7.1