On Thu 04 Dec 2003, Martin Pool wrote:
- rsync version 2.5.6 contains a heap overflow vulnerability that can
be used to remotely run arbitrary code.
Is this specific to 2.5.6, or are earlier versions also vulnerable?
Important detail, as it makes the difference between needing to upgrade
[EMAIL PROTECTED] wrote:
rsync 2.5.6 security advisory
-
December 4th 2003
Background
--
The rsync team has received evidence that a vulnerability in rsync was
recently used in combination with a Linux kernel vulnerability to
compromise the security of a public
On Thu 04 Dec 2003, Paul Haas wrote:
On Thu 04 Dec 2003, Martin Pool wrote:
- rsync version 2.5.6 contains a heap overflow vulnerability that can
be used to remotely run arbitrary code.
Is this specific to 2.5.6, or are earlier versions also vulnerable?
Important detail, as it
On Thu, 4 Dec 2003, Paul Slootman wrote:
Date: Thu, 4 Dec 2003 11:34:44 +0100
From: Paul Slootman [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: rsync security advisory
On Thu 04 Dec 2003, Martin Pool wrote:
- rsync version 2.5.6 contains a heap overflow vulnerability that can
The following announcement was made by the Debian security team:
Paul Slootman
Date: Thu, 4 Dec 2003 17:09:35 +0100 (CET)
To: Debian Security Announcements [EMAIL PROTECTED]
From: Martin Schulze [EMAIL PROTECTED]
Subject: [SECURITY] [DSA 404-1] New rsync packages fix unauthorised remote code
Dear Manoj,
Have found out the mistake in my script.
One must create directory if he/she wants to move old
files to backup directory. In my script I was not
creating any new backup-dir(datewise), therefore
despite of have -b --backup-dir flags it was not
working. This means
rsync can only
On 4 Dec 2003, Michael [EMAIL PROTECTED] wrote:
I know that with ssh I can issue the -i command to use a different identity.
Is there anyway to use the -i command with rsync and ssh? Thank
you.
Use the IdentityFile and Host keywords in your ssh_config:
Host suzy-alt-key
HostName
Date: Thu Dec 4 10:59:33 2003
Author: mbp
Update of /data/cvs/rsyncweb
In directory dp.samba.org:/tmp/cvs-serv18506
Modified Files:
index.html
Log Message:
Clarify that the problem is with 2.5.6 *and earlier*.
Add CVE index.
Revisions:
index.html 1.17 = 1.18