F5 Networks rsync RCE

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.

Synopsis :

The remote host is running an rsync daemon that allows a user to upload
arbitrary files.

Description :

The rsync daemon on the remote F5 Networks host is affected by an
authentication bypass vulnerability when configured in failover mode.
An unauthenticated, remote attacker can exploit this, via a cmi
request to the ConfigSync IP address, to read or write arbitrary

Nessus was able to confirm that a module on the remote rsync daemon
allows writing files to the root of the file system. An attacker can
overwrite '/root/.ssh/authorized_keys' and obtain SSH access, allowing
the execution of arbitrary code with the privileges of the root user.

Solution :

Disable the rsync daemon.
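
The condition Nessus confirmed (a module that accepts unauthenticated writes at the root of the file system) can be checked on hosts you administer by auditing the daemon's configuration. The following is an added example, not code from this plugin, Tenable, or F5; it assumes a standard rsyncd.conf with the stock `path`, `read only`, and `auth users` parameters, and the sample config and module names are constructed.

```python
import re

# Constructed sample config for illustration; not taken from an F5 device.
SAMPLE = """\
uid = root
[shared]
    path = /
    read only = false
[backup]
    path = /var/backup
    read only = no
    auth users = sync
[pub]
    path = /srv/pub
"""

FALSE_VALUES = {"no", "false", "0"}

def parse_rsyncd_conf(text):
    """Return (global_params, {module: params}) with normalised parameter names."""
    global_params, modules, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = modules.setdefault(header.group(1).strip(), {})
        elif "=" in line:
            key, value = line.split("=", 1)
            target = global_params if current is None else current
            target[" ".join(key.lower().split())] = value.strip()
    return global_params, modules

def audit(text):
    """List (module, severity, path) for modules accepting unauthenticated writes."""
    global_params, modules = parse_rsyncd_conf(text)
    findings = []
    for name, params in modules.items():
        eff = {**global_params, **params}  # module settings override globals
        writable = eff.get("read only", "yes").lower() in FALSE_VALUES  # rsync default: read only
        anonymous = not eff.get("auth users", "").strip()  # empty means no login required
        path = eff.get("path", "")
        at_root = path.startswith("/") and path.strip("/") == ""
        if writable and anonymous:
            findings.append((name, "critical" if at_root else "high", path))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
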

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 78427

Bugtraq ID: 69461

CVE ID: CVE-2014-2927
