[rsync-announce] rsync security advisory

Daemian Mack dmack at tickets.com
Fri Dec 5 00:14:35 EST 2003


rsync-announce at lists.samba.org wrote:

> rsync 2.5.6 security advisory
> -----------------------------
> December 4th 2003
> 
> Background
> ----------
> 
> The rsync team has received evidence that a vulnerability in rsync was
> recently used in combination with a Linux kernel vulnerability to
> compromise the security of a public rsync server. While the forensic
> evidence we have is incomplete, we have pieced together the most
> likely way that this attack was conducted and we are releasing this
> advisory as a result of our investigations to date.

Would this be the rsync.gentoo.org box that was compromised on 12-02?



Daemian Mack




More information about the rsync mailing list