Mandrake Linux Security Advisory : rsync (MDKSA-2002:009)

Critical Nessus Plugin ID 13917


The remote Mandrake Linux host is missing a security update.


Sebastian Krahmer of the SuSE Security Team performed an audit on the rsync tool and discovered that in several places signed and unsigned numbers were mixed, with the end result being insecure code. These flaws could be abused by remote users to write 0 bytes into rsync's memory and trick rsync into executing arbitrary code on the server.

It is recommended that all Mandrake Linux users update rsync immediately. As well, rsync server administrators should seriously consider making use of the 'use chroot', 'read only', and 'uid' options as these can significantly reduce the impact that security problems in rsync (or elsewhere) have on the server.


Update the affected rsync package.

Plugin Details

Severity: Critical

ID: 13917

File Name: mandrake_MDKSA-2002-009.nasl

Version: $Revision: 1.15 $

Type: local

Published: 2004/07/31

Modified: 2013/05/31

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:rsync, cpe:/o:mandrakesoft:mandrake_linux:7.1, cpe:/o:mandrakesoft:mandrake_linux:7.2, cpe:/o:mandrakesoft:mandrake_linux:8.0, cpe:/o:mandrakesoft:mandrake_linux:8.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2002/01/28

Reference Information

CVE: CVE-2002-0048

MDKSA: 2002:009