CVE-2002-0048

Andrew Tridgell Rsync - Denial of Service

Title source: rule

Description

Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.

Exploits (3)

exploitdb WORKING POC VERIFIED
by sorbo · cremotelinux
https://www.exploit-db.com/exploits/21242
exploitdb WORKING POC VERIFIED
by Teso · cremotelinux
https://www.exploit-db.com/exploits/399
exploitdb WORKING POC VERIFIED
by Teso · cremotelinux
https://www.exploit-db.com/exploits/398

References (14)

Scores

EPSS 0.8176
EPSS Percentile 99.2%

Details

Status published
Products (9)
andrew_tridgell/rsync 2.3.1
andrew_tridgell/rsync 2.3.2
andrew_tridgell/rsync 2.3.2_1.2 (6 CPE variants)
andrew_tridgell/rsync 2.4.1
andrew_tridgell/rsync 2.4.3
andrew_tridgell/rsync 2.4.4
andrew_tridgell/rsync 2.4.6
andrew_tridgell/rsync 2.5.0_1
andrew_tridgell/rsync 2.5.1
Published Feb 27, 2002
Tracked Since Feb 18, 2026