## December 5, 2003

### Buffer Overflow in Rsync 2.5.6

Apparently, there’s a heap overflow vulnerability in rsync 2.5.6 (the version that ships with Panther) and earlier. This is a serious threat if you run rsync in daemon mode. Upgrading to 2.5.7 fixes the problem.

Between that and the local root hole in the Linux kernel, Linux folks have been busy lately. (Point of amusement: note the PGP signature on that Advisory!)

