CVE-2002-0048

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/02/2002
Last modified:
03/04/2025

Description

Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:andrew_tridgell:rsync:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:alpha:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:arm:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:intel:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:m68k:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:ppc:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.3.2_1.2:*:sparc:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.5.0_1:*:*:*:*:*:*:*
cpe:2.3:a:andrew_tridgell:rsync:2.5.1:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools