A vulnerability has been identified in rsync, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an unspecified boundary error, which can be exploited to cause a heap overflow.
Successful exploitation allows malicious people to execute arbitrary code on a vulnerable system with the privileges of the rsync server.
NOTE: This vulnerability has already been exploited to compromise servers on the Internet in combination with a Linux privilege escalation
December 4, 2003