Test ID:	1.3.6.1.4.1.25623.1.0.11390
Category:	Gain root remotely
Title:	rsync array overflow
Summary:	NOSUMMARY
Description:	Description: The remote rsync server is vulnerable to an array index overflow. An attacker may use this flaw to gain a shell on this host Solution : Upgrade to rsync 2.5.2 or newer Risk factor : High
Cross-Ref:	BugTraq ID: 3958 Common Vulnerability Exposure (CVE) ID: CVE-2002-0048 http://www.securityfocus.com/bid/3958 Bugtraq: 20020127 rsync-2.5.2 has security fix (was: Re: [RHSA-2002:018-05] New rsync packages available) (Google Search) http://marc.info/?l=bugtraq&m=101223603321315&w=2 Bugtraq: 20020128 TSLSA-2002-0025 - rsync (Google Search) http://marc.info/?l=bugtraq&m=101223214906963&w=2 http://www.caldera.com/support/security/advisories/CSSA-2002-003.0.txt CERT/CC vulnerability note: VU#800635 http://www.kb.cert.org/vuls/id/800635 Conectiva Linux advisory: CLA-2002:458 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000458 Debian Security Information: DSA-106 (Google Search) http://www.debian.org/security/2002/dsa-106 En Garde Linux Advisory: ESA-20020125-004 http://www.linuxsecurity.com/advisories/other_advisory-1853.html FreeBSD Security Advisory: FreeBSD-SA-02:10 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:10.rsync.asc HPdes Security Advisory: HPSBTL0201-022 http://online.securityfocus.com/advisories/3839 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-009.php http://www.redhat.com/support/errata/RHSA-2002-018.html SuSE Security Announcement: SuSE-SA:2002:004 (Google Search) http://lists.suse.com/archives/suse-security-announce/2002-Jan/0003.html http://www.iss.net/security_center/static/7993.php
Copyright	This script is Copyright (C) 2003 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.