This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing a security update.
An advisory was sent out by the rsync team regarding a security
vulnerability in all versions of rsync prior to and including 2.6.2.
If rsync is running in daemon mode, and not in a chrooted environment,
it is possible for a remote attacker to trick rsyncd into creating an
absolute pathname while sanitizing it. This vulnerability allows a
remote attacker to possibly read/write to/from files outside of the
The updated packages are patched to prevent this problem.
See also :
Update the affected rsync package.
Risk factor :
Medium / CVSS Base Score : 6.4