Family: FreeBSD Local Security Checks --> Category: infos
FreeBSD Ports : rsync < 2.6.2_2 Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the rsync package
Detailed Explanation for this Vulnerability Test
The remote host has an old version of rsync installed.
There is a flaw in this version of rsync which, due to an input validation
error, would allow a remote attacker to gain access to the remote system.
A possible hacker, exploiting this flaw, would need network access to the TCP port.
Successful exploitation requires that the rsync daemon is *not* running chroot.
Solution : http://www.vuxml.org/freebsd/73ea0706-9c57-11d8-9366-0020ed76ef5a.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.