Mandriva Linux Security Advisory : rsync (MDVSA-2008:084)
High Nessus Plugin ID 36629
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionSebastian Krahmer of SUSE discovered that rsync could overflow when handling ACLs. An attacker could construct a malicious set of files that, when processed, could lead to arbitrary code execution or a crash (CVE-2008-1720).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected rsync package.