|
Family: Slackware Local Security Checks --> Category: infos
SSA-2004-124-01 rsync update Vulnerability Scan
Vulnerability Scan Summary SSA-2004-124-01 rsync update
Detailed Explanation for this Vulnerability Test
New rsync packages are available for Slackware 8.1, 9.0, 9.1, and -current to
fix a security issue. When running an rsync server without the chroot option
it is possible for a possible hacker to write outside of the allowed directory.
Any sites running rsync in that mode should upgrade right away (and should
probably look into using the chroot option as well).
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0426
Click HERE for more information and discussions on this network vulnerability scan.
|