- Description: A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
- Source: secalert@redhat.com
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Secondary
- Base score: 7.5
- Impact score: 3.6
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity: HIGH
- secalert@redhat.com: CWE-119
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 1
🚨 Rsync Vulnerabilities Let Attacker Gain Full Server Control Read more: https://t.co/8JtyChMNtq ✅ Heap Buffer Overflow in Checksum Handling (CVE-2024-12084) ✅ ASLR Bypass via Stack Information Leak (CVE-2024-12085) #cybersecurity #linux
@gbhackers_news
26 Feb 2025
51 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Rsync Vulnerabilities Let Attacker Gain Full Server Control Read more: https://t.co/qN2c0x79MS ✅ Heap Buffer Overflow in Checksum Handling (CVE-2024-12084) ✅ ASLR Bypass via Stack Information Leak (CVE-2024-12085) ✅ Client-Side File Exfiltration (CVE-2024-12086) ✅… https://
@The_Cyber_News
26 Feb 2025
356 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12084 & CVE-2024-12085: Rsync Flaws Allow Hackers to Take Over Servers, PoC Published #PoC https://t.co/ogBUaDwN7n
@samilaiho
26 Feb 2025
125 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12084 & CVE-2024-12085: Rsync Flaws Allow Hackers to Take Over Servers, PoC Published Explore CVE-2024-12084 PoC and learn about critical vulnerabilities in Rsync that could enable remote code execution and data leaks. https://t.co/Wyl3fUY3Cf
@the_yellow_fall
26 Feb 2025
518 Impressions
4 Retweets
5 Likes
0 Bookmarks
0 Replies
0 Quotes
Six vulnerabilities in Rsync include CVE-2024-12084, a critical heap-based buffer overflow, and CVE-2024-12085, a high-severity checksum flaw. Combined, they allow code execution. Shodan shows 660,000+ exposed Rsync servers. Update immediately.
@Cyber_Sec_Raj
25 Jan 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12747, CVE-2024-12088, CVE-2024-12087, CVE-2024-12085, CVE-2024-12084 alert 🚨 RSYNC: Multiple vulnerabilities leading to Remote Code Execution The vulnerabilities have been integrated into Patrowl. Our customers' assets are protected. 🦉 #CyberSecurity #InfoSec #rsync https
@Patrowl_io
22 Jan 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[1day1line] CVE-2024-12085: rsync Info Leak Vulnerability via Uninitialized Stack Contents https://t.co/4U24GaCTVb Uninitialized Stack Contents vulnerability was discovered in rsync. If an attacker manipulates s2length, they can read memory beyond the sum2 variable during the…
@hackyboiz
18 Jan 2025
1738 Impressions
9 Retweets
32 Likes
8 Bookmarks
0 Replies
0 Quotes
[1/4] 🚨Two days ago, 6 vulnerabilities affecting rsync, a widely-used file transferring and synchronizing utility were published. Two of these, CVE-2024-12084 - a heap buffer overflow that could lead to code execution, and CVE-2024-12085 - an information leak allowing one-byte…
@JFrogSecurity
16 Jan 2025
530 Impressions
3 Retweets
7 Likes
2 Bookmarks
1 Reply
0 Quotes