GLSA-201805-04 : rsync: Arbitrary command execution
Medium Nessus Plugin ID 109627
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201805-04 (rsync: Arbitrary command execution)
A vulnerability was discovered in rsync’s parse_arguments function in options.c.
Remote attackers could possibly execute arbitrary commands with the privilege of the process.
There is no known workaround at this time.
SolutionAll rsync users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/rsync-3.1.3'