← CVECheck
HomeVulnerabilities

CVE-2002-0080 — LOW severity vulnerability (rsync, when running in daemon mode, does not properly call s)

rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.

CVE IDCVE-2002-0080
SeverityLOW
CVSS score2.1
CVSS vectorAV:L/AC:L/Au:N/C:P/I:N/A:N
CWECWE-269
StatusModified
Published2002-03-15
Last modified2026-04-16
Descriptionrsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →