|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 1360-1 (rsync)|
|Summary:||Debian Security Advisory DSA 1360-1 (rsync)|
The remote host is missing an update to rsync
announced via advisory DSA 1360-1.
Sebastian Krahmer discovered that rsync, a fast remote file copy program,
contains an off-by-one error which might allow remote attackers to execute
arbitary code via long directory names.
For the stable distribution (etch), this problem has been fixed in version
For the old stable distribution (sarge), this problem is not presnt.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your rsync package.
Common Vulnerability Exposure (CVE) ID: CVE-2007-4091|
Bugtraq: 20070823 FLEA-2007-0047-1 rsync (Google Search)
Debian Security Information: DSA-1360 (Google Search)
SuSE Security Announcement: SUSE-SR:2007:017 (Google Search)
BugTraq ID: 25336
XForce ISS Database: rsync-fname-bo(36072)
|Copyright||Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com|
|This is only one of 56160 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.