search.internet.com

Become a Marketplace Partner internet.commerce Be a Commerce Partner Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Technology Jobs LinuxToday Newsletters Subscribe News Subscribe PR Subscribe Security internet.com IT Developer Internet News Small Business Personal Technology Search internet.com Advertise Corporate Info Newsletters Tech Jobs E-mail Offers

Current Newswire: Mastering Grub 2 The Easy Way Shedding commercial attitudes towards documentation Will secret copyright treaty restrict your digital rights? Saving the "Best" for Last - Fedora 12 (Constantine) LinuxCertified Announces its next Linux System and Network Administration BootCamp The Problem With The Linux Community Vim 101: A Beginner's Guide to Vim Open Source Science: A Revolution From Within openSUSE 11.2-- Incremental Updates, Plenty of Polish Microsoft, other rivals slam Google Chrome OS Technical Specialist II – PC – LAN (AZ) Next Step Systems US-AZ-Scottsdale Post A Job | Post A Resume tinysofa Advisory: rsync Aug 17, 2004, 16 :44 UTC (0 Talkback[s]) (1977 reads) tinysofa Security Advisory #2004-020 Package Name: rsync Summary: Exposure of System Information Advisory ID: TSSA-2004-020-ES Date: 2004-08-16 Affected Products: tinysofa enterprise server 2.0 Description rsync [0] is a program for synchronizing files over a network. A vulnerability [1] has been reported in rsync, which potentially can be exploited by malicious users to read or write arbitrary files on a vulnerable system. The vulnerability is caused due to an input validation error within the "sanitize_path()" function of the "util.c" file. Successful exploitation requires that the rsync daemon isn't running chrooted. The vulnerability affects version 2.6.2 and prior. Resolution The rsync package has been updated to address this vulnerability. References [0] http://samba.org/rsync/ [1] http://samba.org/rsync/#security_aug04 =20 Recommended Action We recommend that all systems with these packages installed be upgraded. Location All tinysofa updates are available from <URI:http://http.tinysofa.org/pub/tinysofa/updates/> <URI:ftp://ftp.tinysofa.org/pub/tinysofa/updates/> Automatic Updates Users of the APT tool can enjoy having updates automatically installed using 'apt-get upgrade'. Questions? Check out our mailing lists: <URI:http://www.tinysofa.org/communicate/> Verification This advisory is signed with the tinysofa security sign key. This key is available from: <URI:http://pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0xAEDCBB4B> All tinysofa packages are signed with the tinysofa stable sign key. This key is available from: <URI:http://pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0x0F1240A2> The advisory is available from the tinysofa errata database at <URI:http://www.tinysofa.org/support/errata/> or directly at <URI:http://www.tinysofa.org/support/errata/2004/020.html> Updated Packages SRPMS 606db14378c661b0b5ce1bbb3cd87d52 rsync-2.6.2-2ts.src.rpm i386 7d8ea97c366ae496d266b168c9c172ca rsync-2.6.2-2ts.i386.rpm -- tinysofa Security Team <security at tinysofa dot org> No talkbacks posted.   Home | Search Talkbacks | Customize View    Top of Page   Enter your comments below: * Your Name: * Your Email Address: * Subject: CC: [will also send this talkback to an E-Mail address] * Comments: Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content. Fields marked with * are required!

All times are recorded in UTC. Linux is a trademark of Linus Torvalds. Powered by Linux, Apache and PHP Search: WebMediaBrands Corporate Info Legal Notices, Licensing, Permissions, Privacy Policy. Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs Solutions Whitepapers and eBooks Microsoft Articles: Visual Studio 2010 Adobe Article: Adobe Helps PHP Developers Create Rich Internet Applications Microsoft Whitepaper: How Windows Server 2008 R2 Helps Optimize IT and Save You Money Adobe Article: Java Developers Finding a Home at Adobe Flex IBM Articles: A Smarter Business Needs Smarter Technology Intel Xeon Processor Increases Server Efficiency and Capabilities Intel Tech Brief: Automated Energy Efficiency for the Intelligent Enterprise Oracle Whitepapers - Innovation for IT Leaders Avaya Article: Communication-Enabled Mashups--Empowering Both Business Owners and IT Internet.com eBook: IT Manager's Guide to Social Networking Internet.com eBook: Get Ready for Windows 7 Microsoft Article: Expression Web 3--New Features for PHP Developers Whitepapers: Manage Your Business Infrastracture with IBM Whitepaper: Maximize Your Storage Investment with HP Internet.com eBook: Becoming a Better Project Manager Microsoft Article: Stress Free and Efficient Designer/Developer Collaboration MORE WHITEPAPERS, EBOOKS, AND ARTICLES Webcasts Webcast: Connecting PHP to Microsoft Technologies Video: Microsoft Partner Program Benefits Video: Windows Azure Debugging Tips SAP BusinessObjects Webcast: Unlock the Power of Reporting with Crystal Reports IBM Webcast: Speed Business Innovation with Reduced Cost and Risk Video: Deploy Applications on Windows Azure MORE WEBCASTS, PODCASTS, AND VIDEOS Downloads and eKits Download: Microsoft Visual Studio 2010 Beta 2 Downloads & Free Trials: Microsoft's New Efficiency Resource Center Get the Windows 7 SDK Free Trial: Red Gate SQL Backup Pro 6 Iron Speed Designer Application Generator MORE DOWNLOADS, EKITS, AND FREE TRIALS Tutorials and Demos Internet.com Hot List: Get the Inside Scoop on the Hottest IT and Developer Products All About Botnets MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES