Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Jan 26, 2002

  • Red Hat Security Advisory: rsync (Jan 26, 2002, 06:31)
    "New rsync packages are available; these fix a remotely exploitable problem in the I/O functions."

  • Debian Security Advisory: rsync remote exploit (Jan 26, 2002, 03:45)
    "Sebastian Krahmer found several places in rsync (a popular tool to synchronise files between machines) where signed and unsigned numbers were mixed which resulted in insecure code. This could be abused by remote users to write 0-bytes in rsync's memory and trick rsync into executing arbitrary code."