CVE-2017-8805

Summary

Debian ftpsync before 20171017 does not use the rsync –safe-links option, which allows remote attackers to conduct directory traversal attacks via a crafted upstream mirror.

Affected Software

VendorProductVersion RangeStatus
n/aDebian ftpsync before 20171017Debian ftpsync before 20171017affected

Weaknesses

  • directory traversal

ADP Enrichment

CVE Program Container

Additional References

References