A vulnerability has been identified in rsync, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an unspecified boundary error, which can be exploited to cause a heap overflow.
Successful exploitation allows malicious people to execute arbitrary code on a vulnerable system with the privileges of the rsync server.
NOTE: This vulnerability has already been exploited to compromise servers on the Internet in combination with a Linux privilege escalation
vulnerability.
The vulnerability is caused due to an unspecified boundary error, which can be exploited to cause a heap overflow.
Successful exploitation allows malicious people to execute arbitrary code on a vulnerable system with the privileges of the rsync server.
NOTE: This vulnerability has already been exploited to compromise servers on the Internet in combination with a Linux privilege escalation
vulnerability.
Link: secunia.com
Category:
- Security