Slackware 8.1 / 9.0 / 9.1 / current : rsync update (SSA:2004-124-01)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

New rsync packages are available for Slackware 8.1, 9.0, 9.1, and
-current to fix a security issue. When running an rsync server without
the chroot option it is possible for an attacker to write outside of
the allowed directory. Any sites running rsync in that mode should
upgrade right away (and should probably look into using the chroot
option as well).

See also :

http://www.nessus.org/u?9b9e9da7

Solution :

Update the affected rsync package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)

Family: Slackware Local Security Checks

Nessus Plugin ID: 18768 ()

Bugtraq ID:

CVE ID: CVE-2004-0426

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial