RSync Security Advisory
Niki Guldbrand
niki at lunar-linux.org
Thu Dec 4 10:59:20 GMT 2003
s/debian/gentoo/
On Thu, 2003-12-04 at 10:44, Niki Guldbrand wrote:
> Hi All.
>
> If any of you have a rsync server please update at once (Dbguin has been
> updated.)
>
> I have just bumped the version of rsync in moonbase to version 2.5.7
> which contains a Heap overflow fix which is belived to have been used to
> gain access to the debian systems, and together with the kernel do_brk
> bug would give full root access.
>
> See here for more details: http://rsync.samba.org/
>
>
> Niki
>
> ______________________________________________________________________
> _______________________________________________
> lunar mailing list
> lunar at lunar-linux.org
> http://dbguin.lunar-linux.org/mailman/listinfo/lunar
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lunar-linux.org/pipermail/lunar/attachments/20031204/5c873e37/attachment.bin
More information about the lunar
mailing list