Ubuntu Security Notice (C) 2007-2014 Canonical, Inc. / NASL script (C) 2007-2014 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Sebastian Krahmer discovered that rsync contained an off-by-one
miscalculation when handling certain file paths. By creating a
specially crafted tree of files and tricking an rsync server into
processing them, a remote attacker could write a single NULL to stack
memory, possibly leading to arbitrary code execution.
Update the affected rsync package.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : false