Korean

<< Back VID 23069 Severity 40 Port 873 Protocol TCP Class RSYNCD Detailed Description The rsync server, according to its version number, is vulnerable to a directory traversal flaw. Included in most distributions of Linux, rsync is a popular tool for synchronizing files across multiple hosts. Though not enabled in the default configuration, rsync can be run as a daemon to facilitate the distribution of files to FTP mirror sites. rsync versions prior to 2.6.1 could allow remote attackers to write files outside of the module's path. If an rsync server is installed as a daemon with a read/write enabled module without using the 'chroot' option, it is possible that a remote attacker could write files outside of the configure module path. Exploitation of this vulnerability could allow the attacker to write files to the system, and possibly to execution of arbitrary code or denial of service. * Note: This check solely relied on the version number of the remote rsync server to assess this vulnerability, so this might be a false positive. * References: http://secunia.com/advisories/11514/ * Platforms Affected: GNU Project, rsync prior to 2.6.1 UNIX Any version Linux Any version Recommendation Upgrade to the latest version of rsync (2.6.1 or later), available from the rsync download Web page at http://samba.org/rsync/download.html For Debian GNU/Linux 3.0 (woody): Upgrade to the latest rsync package (2.5.5-0.4 or later), as listed in Debian Security Advisory DSA-499-1 at http://www.debian.org/security/2004/dsa-499 For Trustix Secure Linux: Upgrade to the latest rsync package, as listed in Trustix Secure Linux Security Advisory #2004-0024 at http://www.linuxsecurity.com/advisories/trustix_advisory-4298.html For other distributions: Contact your vendor for upgrade or patch information. As a workaround, enable a chrooted environment by setting the following configuration directive: "use chroot = yes" Related URL CVE-2004-0426 (CVE) Related URL 10247 (SecurityFocus) Related URL 16014 (ISS)