Slackware 8.1 / 9.0 / 9.1 / current : rsync update (SSA:2004-124-01)

medium Nessus Plugin ID 18768


The remote Slackware host is missing a security update.


New rsync packages are available for Slackware 8.1, 9.0, 9.1, and
-current to fix a security issue. When running an rsync server without the chroot option it is possible for an attacker to write outside of the allowed directory. Any sites running rsync in that mode should upgrade right away (and should probably look into using the chroot option as well).


Update the affected rsync package.

See Also

Plugin Details

Severity: Medium

ID: 18768

File Name: Slackware_SSA_2004-124-01.nasl

Version: 1.16

Type: local

Published: 7/13/2005

Updated: 1/14/2021

Risk Information


Risk Factor: Low

Score: 3.4


Risk Factor: Medium

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:rsync, cpe:/o:slackware:slackware_linux, cpe:/o:slackware:slackware_linux:8.1, cpe:/o:slackware:slackware_linux:9.0, cpe:/o:slackware:slackware_linux:9.1

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Patch Publication Date: 5/3/2004

Reference Information

CVE: CVE-2004-0426

SSA: 2004-124-01