RSync Security Advisory
Niki Guldbrand
niki at lunar-linux.org
Thu Dec 4 10:44:58 GMT 2003
Hi All.
If any of you have a rsync server please update at once (Dbguin has been
updated.)
I have just bumped the version of rsync in moonbase to version 2.5.7
which contains a Heap overflow fix which is belived to have been used to
gain access to the debian systems, and together with the kernel do_brk
bug would give full root access.
See here for more details: http://rsync.samba.org/
Niki
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lunar-linux.org/pipermail/lunar/attachments/20031204/207e0c1f/attachment.bin
More information about the lunar
mailing list