Scannells

**Name of the Vulnerable Software and Affected Versions** MacPorts (affected versions not specified) **Description** A malicious or compromised MacPorts mirror can execute arbitrary commands as root on the machine of a client running port selfupdate against the mirror. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

The issue is related to rsync, a software package used for synchronizing files across different locations. A path traversal flaw was discovered in rsync when the `--safe-links` option is used. This flaw allows an attacker to write files arbitrarily outside the intended directory due to rsync's failure to correctly verify symbolic link destinations. The affected software is rsync, and the specific versions that are vulnerable are not specified in the given text. However, it is clear that the exploit can lead to arbitrary file writes, potentially causing significant security issues. The number of Internet users who may be affected by this issue is not provided. For more information, one might search for related exploit code, but caution should be exercised to avoid malicious sites. #rsync #PathTraversal #ALT Linux #SymbolicLink #ArbitraryFileWrite

**Name of the Vulnerable Software and Affected Versions** rsync (affected versions not specified) **Description** The issue is related to rsync, a software used for synchronizing files across different systems. It allows a server to enumerate the contents of an arbitrary file from the client's machine by sending specially constructed checksum values. This can enable an attacker to reconstruct the data of those files byte-by-byte based on the responses from the client. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

The rsync software is affected by a path traversal issue, which arises from the behavior enabled by the `--inc-recursive` option. This option is default-enabled for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client. The affected software is rsync, but the specific vulnerable versions are not specified in the given text. An exploit could potentially be used to write malicious files to arbitrary locations on the client's system. #rsync #pathtraversal #remoteserver #maliciousfiles #symlinkverification #deduplicationchecks #increcursiveoption #securityrisk #maliciousserver

The rsync daemon is affected by a flaw that can be triggered when comparing file checksums, allowing an attacker to manipulate the checksum length and cause a comparison between a checksum and uninitialized memory. This results in the leak of one byte of uninitialized stack data at a time. An exploit for this issue could potentially allow an attacker to leak sensitive data from the stack. The affected software is the rsync daemon. The flaw is related to a buffer overflow in memory due to incorrect comparison of file checksums, which can be exploited by a remote attacker to bypass the ASLR protection mechanism and gain unauthorized access to protected information. More information about the issue can be found at https://access.redhat.com/security/cve/cve-2024-12085. #rsync #rsyncdaemon #linux #security #exploit #ASLR #bufferoverflow #uninitializedstack #remotexploit

**Name of the Vulnerable Software and Affected Versions** rsync versions prior to 3.4.0 **Description** Rsync contains multiple vulnerabilities, including a critical heap-buffer overflow that allows for remote code execution. The heap-based buffer overflow occurs due to improper handling of attacker-controlled checksum lengths (`s2length`) in the code. Specifically, when `MAX DIGEST LEN` exceeds the fixed `SUM LENGTH` (16 bytes), an attacker can write out of bounds in the `sum2` buffer. Approximately 600,000 systems are potentially affected globally. The vulnerability allows an attacker with anonymous read access to a rsync server to execute arbitrary code on the server. The `rsync` daemon is affected. **Recommendations** Upgrade to rsync version 3.4.0 or later.

**Name of the Vulnerable Software and Affected Versions** Kakadu version 7.9 **Description** The issue allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted image that is displayed back to the attacker. This is related to a JPX Fragment List (flst) box vulnerability. **Recommendations** For Kakadu version 7.9, consider restricting image upload capabilities to trusted users or disabling the display of user-uploaded images until a patch is available. As a temporary workaround, restrict access to sensitive files and directories on the server to minimize the risk of exploitation.