December 4, 2003

rsync Unspecified Heap Overflow Vulnerability

A vulnerability has been identified in rsync, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an unspecified boundary error, which can be exploited to cause a heap overflow.
Successful exploitation allows malicious people to execute arbitrary code on a vulnerable system with the privileges of the rsync server.
NOTE: This vulnerability has already been exploited to compromise servers on the Internet in combination with a Linux privilege escalation
vulnerability.

Link: secunia.com

Category:

  • Security
Click Here!