Family: Debian Local Security Checks --> Category: infos
[DSA499] DSA-499-2 rsync Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
A vulnerability was discovered in rsync, a file transfer program,
whereby a remote user could cause an rsync daemon to write files
outside of the intended directory tree. This vulnerability is not
exploitable when the daemon is configured with the 'chroot' option.
For the current stable distribution (woody) this problem has been
fixed in version 2.5.5-0.5.
For the unstable distribution (sid), this problem has been fixed in
We recommend that you update your rsync package.
Solution : http://www.debian.org/security/2004/dsa-499
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.