Nessus Plugin #14223
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
rsync path sanitation vulnerability
- Family:
- Gain root remotely
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2004 David Maciejak
- Summary:
- Determines if rsync is running
- Version:
- $Revision: 1.7 $
- Cve_id:
- CAN-2004-0792
- Bugtraq_id:
- 10938
- Xrefs:
- -
- Description:
A vulnerability has been reported in rsync, which potentially can be exploited
by malicious users to read or write arbitrary files on a vulnerable system.
rsync is a software product for keeping files synched across multiple
systems. Rsync is a network-based program and typically communicates
over TCP port 873.
There is a flaw in this version of rsync which, due to an input validation
error, would allow a remote attacker to gain access to the remote system.
An attacker, exploiting this flaw, would need network access to the TCP port.
Successful exploitation requires that the rsync daemon is *not* running chrooted.
*** Since rsync does not advertise its version number
*** and since there are little details about this flaw at
*** this time, this might be a false positive
Solution : Upgrade to rsync 2.6.3 or newer
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.