FreeBSD Ports : rsync < 2.6.2_2
Medium Nessus Plugin ID 14386
SynopsisThe remote device is missing a vendor-supplied security patch
DescriptionThe remote host has an old version of rsync installed.
There is a flaw in this version of rsync which, due to an input validation error, would allow a remote attacker to gain access to the remote system.
An attacker, exploiting this flaw, would need network access to the TCP port.
Successful exploitation requires that the rsync daemon is *not* running chroot.