CVE-2014-8990

Description

default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.

Base Score

9.8

MODERATE

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

4.309

Vulnerability	OS Platform
lsyncd security update(DSA-3130-1) lsyncd_2.0.7-3+deb7u1_i386.deb	Linux

No records found