FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

rsync buffer overflow in server mode

Affected packages
rsync < 2.5.7

Details

VuXML ID: 5729b8ed-5d75-11d8-80e3-0020ed76ef5a
Discovery: 2003-12-04
Entry: 2004-02-12

When rsync is run in server mode, a buffer overflow could allow a remote attacker to execute arbitrary code with the privileges of the rsync server. Anonymous rsync servers are at the highest risk.

References

CVE Name: CVE-2003-0962
Message: http://lists.samba.org/archive/rsync-announce/2003/000011.html
URL: http://rsync.samba.org/#security