Full Disclosure mailing list archives
rPSA-2007-0257-1 rsync
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Tue, 04 Dec 2007 18:30:21 -0500
rPath Security Advisory: 2007-0257-1 Published: 2007-12-04 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: rsync=conary.rpath.com@rpl:1/2.6.8-1.2-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-1989 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6200 Description: Previous versions of the rsync package contain two vulnerabilities in the rsync server which can allow users to bypass security restrictions under certain specific configurations. As these vulnerabilities are only exposed when running the rsync server, default configurations are not vulnerable. http://wiki.rpath.com/Advisories:rPSA-2007-0257 Copyright 2007 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- rPSA-2007-0257-1 rsync rPath Update Announcements (Dec 04)