PT-2006-2329 · Rssh · Rssh

Russ Allbery · Published 2006-03-20 · Updated 2017-07-20 · CVE-2006-1320

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

rssh version 2.3.0

Description

The issue is related to a problem in the util.c file of rssh, where the lack of braces to define a block causes a check to always succeed, allowing rsync and rdist to bypass intended access restrictions defined in rssh.conf.

Recommendations

For rssh version 2.3.0, consider modifying the util.c file to properly use braces and define blocks, ensuring that access restrictions in rssh.conf are correctly enforced. As a temporary workaround, restrict access to rsync and rdist until the issue is resolved.
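
The bug class named in the description, as an added example: this is a constructed illustration, not rssh's util.c and not code from this advisory. The function names, the policy bits and the `-X` option are assumptions made for the demonstration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed policy bits standing in for what rssh.conf allows. */
enum { ALLOW_SCP = 1, ALLOW_RSYNC = 2, ALLOW_RDIST = 4 };

/* Hypothetical helper: is this command enabled in the policy? */
static int policy_permits(unsigned policy, const char *cmd)
{
    if (strcmp(cmd, "scp") == 0)   return (policy & ALLOW_SCP) != 0;
    if (strcmp(cmd, "rsync") == 0) return (policy & ALLOW_RSYNC) != 0;
    if (strcmp(cmd, "rdist") == 0) return (policy & ALLOW_RDIST) != 0;
    return 0;
}

/* Hypothetical helper: "-X" is a constructed option the shell must refuse. */
static int has_refused_opt(const char *args) { return strstr(args, "-X") != NULL; }

/* BEFORE: without braces the outer if guards only the inner if, so
 * "return 1" runs for every command the inner check does not reject. */
static int check_unbraced(unsigned policy, const char *cmd, const char *args)
{
    if (policy_permits(policy, cmd))
        if (has_refused_opt(args)) return 0;
        return 1;   /* indented as if guarded, but it is not */
    return 0;       /* intended deny path, never reached */
}

/* AFTER: braces make the allow path depend on the policy check. */
static int check_braced(unsigned policy, const char *cmd, const char *args)
{
    if (policy_permits(policy, cmd)) {
        if (has_refused_opt(args)) return 0;
        return 1;
    }
    return 0;
}

int main(void)
{
    const char *cmds[] = { "scp", "rsync", "rdist" };
    for (int i = 0; i < 3; i++)   /* constructed policy: scp only */
        printf("%-5s unbraced=%d braced=%d\n", cmds[i],
               check_unbraced(ALLOW_SCP, cmds[i], "-a src dst"),
               check_braced(ALLOW_SCP, cmds[i], "-a src dst"));
    return 0;
}
```

GCC's `-Wmisleading-indentation` (enabled by `-Wall`) targets this pattern, so building with warnings on is a cheap check for it.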

Fix


Related Identifiers

CVE-2006-1320
DSA-1109

Affected Products

Rssh