FreeBSD : rsnapshot -- local privilege escalation (8c5ad0cf-ba37-11d9-837d-000e0c2e438a)
Medium Nessus Plugin ID 19023
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionAn rsnapshot Advisory reports :
The copy_symlink() subroutine in rsnapshot incorrectly changes file ownership on the files pointed to by symlinks, not on the symlinks themselves. This would allow, under certain circumstances, an arbitrary user to take ownership of a file on the main filesystem.
SolutionUpdate the affected package.