Mandrake Linux Security Advisory : rsh (MDKSA-2005:100)
Medium Nessus Plugin ID 18497
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA vulnerability in the rcp protocol was discovered that allows a server to instruct a client to write arbitrary files outside of the current directory, which could potentially be a security concern if a user used rcp to copy files from a malicious server.
The updated packages have been patched to correct this problem.
SolutionUpdate the affected rsh and / or rsh-server packages.