Six vulnerabilities discovered in rsync

by
daroc
from LWN.net on (#6TJZT)

Nick Taitannounced on theoss-security mailing list thatrsync, the widely used file transfer program, had a number of serious vulnerabilities.Users can mitigate all six vulnerabilities by upgrading toversion 3.4.0, which was released on January 14. While all users should upgrade, servers that use rsyncd areespecially impacted:

In the most severe CVE, an attacker only requiresanonymous read access to a rsync server, such as a public mirror, toexecute arbitrary code on the machine the server is running on.
External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments