CVE-2007-6199

EPSS 6.6%

Published: 12/1/2007Modified: 4/28/2026

Description

rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.

Affected packages (1)

Debian/rsyncfrom 0, < 2.6.9-6

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-6199